[Mimedefang] Only MX record is fake
Kevin A. McGrail
KMcGrail at PCCC.com
Fri Nov 18 12:12:00 EST 2011
On 11/18/2011 10:36 AM, Kris Deugau wrote:
> kd6lvw at yahoo.com wrote:
>> Any spammer stupid enough to try to send his spew forging this host
>> name as the sender address will also face an SPF-RR "v=spf1 -all"
>> (while those idiots still resolving ONLY TXT-RRs for SPF will get
>> "v=spf1 +all").
> Some <ahem> "idiots" are still using DNS infrastructure that does not
> support the formal SPF RR type.
The RR type is ONLY a forward path and the RFC is so non-strict that SPF
is likely going to be seen in TXT records for at least a decade if even
really gone. And I know that MANY major players that perform outsourced
DNS uses TXT.
As noted in the RFC, even the examples in the RFC still use TXT and
theoretically should have both RR and TXT but it's a SHOULD in rfc-ease
which is overrun by the MUST have one type which means that client
implementations MUST check both RR and TXT.
More information about the MIMEDefang