On Sunday, January 29, 2012 02:56:21 PM Alessandro Vesely wrote: > On 28/Jan/12 16:21, Scott Kitterman wrote: > > On Saturday, January 28, 2012 01:09:40 PM Alessandro Vesely wrote: > >>>>>> How does the domain owner receive reports of others > >>>>>> trying to use the domain to send mail? If the domain > >>>>>> owner has said via the SPF record that the domain doesn't > >>>>>> send mail, I would be highly surprised if the domain > >>>>>> owner has configured anything to accept mail at that > >>>>>> domain. > >>>>> > >>>>> If he wants to get the reports, he'd better. > >>>> > >>>> Do we need to call out this (somewhat obvious) situation in the > >>>> draft? > >>> > >>> I hope we don't need to say that if you ask for reports you aren't > >>> going to get them unless you configure your system to accept them. > >> > >> Derek's concern seems legitimate to me. Although John's note may seem > >> obvious, let me recall that SPF is rather weak at checking helo names > >> because of a very similar reason. We are demanding too much diligence > >> from domain admins, for a task they can achieve more easily by tracing > >> an included exists mechanism. > > > > Why is SPF 'weak' at checking HELO names? I think I misunderstand > > something about the premise of your statement. > > I just notice that admins don't bother publishing a record for each > and every host that mails out, although they publish one for the domain.
I agree it's less deployed, but I wouldn't call that weak. > > What diligence are we asking for that is too much? > > They should additionally publish an MX, for the sole purpose of > collecting failure reports. We could as well ask to deliver them via > pony express. An A record is sufficient. Scott K _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
