[Mimedefang] Only MX record is fake
kd6lvw at yahoo.com
kd6lvw at yahoo.com
Fri Nov 18 14:04:28 EST 2011
--- On Fri, 11/18/11, Kris Deugau <kdeugau at vianet.ca> wrote:
> kd6lvw at yahoo.com wrote:
> > ...
> > (while those idiots still resolving ONLY TXT-RRs for SPF will get
> > "v=spf1 +all").
>
> Some <ahem> "idiots" are still using DNS infrastructure that does
> not support the formal SPF RR type.
>
> The current stock BIND package on RHEL5 (and any of the
> source-rebuild derivatives), for instance...
BIND has supported the SPF-RRtype since the fall of 2006. Even RFC 4408 itself declared the use of TXT-RR's as temporary until its own RR-type was allocated, of which the IANA notes was done in late 2005.
Considering all the bugs, exploits, and other issues (such as DNSSEC implementation in the DNS root and elsewhere), if one can't afford to upgrade his software to something reasonably current, such boxes don't deserve to be on the Intenet. I stand by my statement. Being at least aware of current events is every system adminstrator's responsibility.
More information about the MIMEDefang
mailing list