> On 02/14, Jonas Eckerman wrote: > > 1: The participation record is optional, so you only use it if you want > > "everything else" to be rejected.
On 14.02.10 14:48, dar...@chaosreigns.com wrote: > Yeah. I'm thinking of using the 4th octet to indicate participation, and > the third octet to indicate delegation. If you want to check participation, you should do it on different level, e.g. check chaosreigns.com before mail.chaosreigns.com. It of course requires more DNS lookups, but note that people who do not participate, will not set ANY record so checking 127.* won't help you. > Check for the MTX record first, and if it is 127.0.0.1 or 127.0.0.0 you can > skip this. > > 4th octet: > 0 Not participating. > 1 (or record not defined) Participating, everything not defined is valid > (like SPF neutral). > 2 Participating, other stuff might be valid (like SPF softfail). > 3 Participating, everything else is invalid (SPF fail). > > 3rd octet: > 1 All MTX records are at this level. > 2 All MTX records are at a subdomain. > 3 Check MTX records at this level and then the subdomain. > > > If the value of the 4th octet changes when going to a subdomain, you > could say to only check the 4th octet for participating or not if the > 3rd octet is 2 (all delegated to subdomain). Or you could use the most > restrictive of the two records. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. "Where do you want to go to die?" [Microsoft]
