spf ent txt records.
Mark Andrews
marka at isc.org
Mon Mar 18 00:59:11 UTC 2013
In message <201303180038.r2I0cWeT026399 at calcite.rhyolite.com>, Vernon Schryver writes:
> > 20741, so direct SPF RR hits is about one third of those using TXT RR,
> > small, but, insignificant? I wouldn't really say so, but some might. I
> > suspect the SPF wanting to be deprecated is because of the lack of
> > take-up, due to lazy admins, there are some resolvers in use from
> > ancient Debian boxes that are so old, they don't understand the SPF RR,
> > yes I know, they have bigger problems than that, but, again, comes down
> > to laziness, DNS is not rocket science, I'm sure given ARM and access to
> > google, a 13yo kid could get at least the "basics" right.
>
> Laziness?--nonsense. Postel's Law and simple logic predict the
> deprecating of the SPF type as well as the continued practice of
> publishing only TXT records by those with rational reasons to publish
> SPF data.
>
> 1. SMTP servers (mail receivers) that have wanted to honor SPF -all
> been forced to look for SPF data in TXT records since the
> beginning. There have been far more TXT records with SPF data
> than SPF records. Therefore, the best course for SMTP servers
> has been to request TXT and only request SPF if the TXT request
> gives NODATA. Requesting both SPF and TXT types would cost extra
> bandwidth and raise questions about what to do if both are present
> and differ. Occasional differences between SPF and TXT are
> inevitable due to caching in recursive resolvers even when the
> authoritative server always changes both simultaneously.
Yet libspf2 requests SPF records and falls back to TXT on NODATA.
It does not do a TXT query if it gets a SPF response.
> 2. Rational operators of SMTP clients (mail senders) know that well
> maintained SMTP servers understand #1 and so request TXT first or
> request neither SPF nor TXT.
> Publishing only SPF type records would double an SMTP client's
> DNS costs.
> Publishing both SPF and TXT would not help well maintained SMTP
> servers, but cost maintenance complexity and so potential errors.
> Therefore, it is best to publish only TXT for well maintained
> SMTP servers.
> Badly maintained SMTP servers are likely to only check TXT records.
The rational course would be to set a sunset date on TXT style spf
records. April 2016 looks like a good date. 10 years after RFC
4408 was published.
> Unlike the situations with IPv6 and DNSSEC, there are only costs
> and no benefits for rational operators of SMTP clients or servers to
> change those two tactics.
>
> Those interested in wider perspectives about SPF and TXT RRs than any
> single domain or the perceptions of SPF enthusiasts might consider the
> tables reporting surveys in RFC 6686. One can ignore everything
> specifically about SenderID and read only about popularity of SPF and
> TXT records. https://www.rfc-editor.org/rfc/rfc6686.txt
>
>
> Vernon Schryver vjs at rhyolite.com
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
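
An added illustration, not part of either message and not libspf2 code: a small model of the two lookup orders discussed in this thread (TXT first with SPF fallback, and SPF first with TXT fallback on NODATA). The zone names and record contents are constructed; the model counts queries per strategy and flags the case where SPF and TXT contents differ.

```python
# Constructed zone data: which RR types each (hypothetical) domain publishes.
ZONES = {
    "txt-only.example": {"TXT": ["v=spf1 mx -all"]},
    "spf-only.example": {"SPF": ["v=spf1 mx -all"]},
    "both.example":     {"TXT": ["v=spf1 mx -all"], "SPF": ["v=spf1 mx -all"]},
    # The two types differ, e.g. one was updated and the other is still cached.
    "stale.example":    {"TXT": ["v=spf1 mx -all"], "SPF": ["v=spf1 mx ~all"]},
    "none.example":     {},
}

TXT_FIRST = ("TXT", "SPF")  # receiver behaviour described in point 1
SPF_FIRST = ("SPF", "TXT")  # libspf2 behaviour as described in the reply


def query(name, rrtype):
    """Stand-in for a resolver: returns the records, or [] for NODATA."""
    return ZONES.get(name, {}).get(rrtype, [])


def lookup(name, order):
    """Query types in `order`, stopping at the first answer.

    Returns (policy or None, list of types actually queried).
    """
    asked = []
    for rrtype in order:
        asked.append(rrtype)
        answer = query(name, rrtype)
        if answer:
            return answer[0], asked
    return None, asked


def compare(name):
    """Run both strategies; report policy, query count, and disagreement."""
    t_policy, t_asked = lookup(name, TXT_FIRST)
    s_policy, s_asked = lookup(name, SPF_FIRST)
    return {"txt_first": (t_policy, len(t_asked)),
            "spf_first": (s_policy, len(s_asked)),
            "disagree": t_policy != s_policy}


def total_queries(order):
    """Total DNS queries one strategy needs across all constructed zones."""
    return sum(len(lookup(name, order)[1]) for name in ZONES)


if __name__ == "__main__":
    for zone in ZONES:
        print(zone, compare(zone))
```
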