On söndagen den 27 april 2008, David Woodhouse wrote:
> If the record is _just_ "-all" then that's fair enough -- and that can
> be done with a dnsdb lookup. But unless I misread your ACL, you'll alco
> be rejecting mail based on even the idiotic SPF records which list a few
> 'genuine' hosts followed by -all, with the fundamental misunderstanding
> of SMTP that that entails.
That's how it's supposed to work (provided that those hosts are in fact the
*only* genuine hosts), so I fail to see what's so idiotic about it. Before
rejecting mail that fails the check you of course have to allow for the case
that the recipient has set up a forwarding from elsewhere to your server.
Failure to do that indicates a fundamental misunderstanding of SMTP on the
receiver's part, not on the part of the publisher of the SPF record.
--
Magnus Holmgren holmgren@???
(No Cc of list mail needed, thanks)
"Exim is better at being younger, whereas sendmail is better for
Scrabble (50 point bonus for clearing your rack)" -- Dave Evans