[ietf-dkim] RE: I think we can punt the hard stuff as out ofscope.
dotis at mail-abuse.org
Sat Jun 9 11:25:00 PDT 2007
On Jun 9, 2007, at 10:48 AM, Hector Santos wrote:
> Jeff Macdonald wrote:
>> On Sat, Jun 09, 2007 at 07:51:51AM -0700, Douglas Otis wrote:
>>> The discovery process itself might provide a solution. For a
>>> message to contain a valid email-address, the domain of this
>>> address MUST locate either an MX or A record. The DKIM WG could
>>> strongly recommend A record discovery be deprecated, and that
>>> only MX records be used for discovery. Within a few years, it
>>> should be possible to obsolete use of A record discovery. An
>>> email-address would not be valid without an MX record. This
>>> would mean that policy placement adjacent to the MX record would
>>> be the only location any policy record would need to exist. In
>>> this case, the discovery process itself indicates whether or not
>>> the sub-domain is USED/UNUSED.
>> Are you referring to the process that some MTAs follow? For
>> example, if
>> a MTA needs to deliver a message, it is suppose to find a MX for the
>> right hand side of the email address and deliver it to the eventual A
>> record (Hector's claim that some MX records return IPs confused me).
> I was referring to MX expansion and how each DNS client within a
> SMTP client may behave. More below.
>> Some MTAs, when they don't find an MX record, just lookup an A record
>> instead and deliver to the resulting IP.
>> If that's the case, shouldn't the deprecating of A lookups when a MX
>> lookup fails be brought to the SMTP group?
> Yup, and IMO, I can almost guaranteed the idea will be killed
> ASAP. I would vote against it.
> I seriously doubt people will begin to screw around with their
> various retries logic. Plus, you are going to hear those who say
> MX is about inbound, not outbound and "Never The Twain Shall Meet."
This is not about using MX records as a means to resolve an outbound
path. This is only about confirming the domain used in an email-
address simply exists. Existence is determined by the mere existence
of records used to discover the inbound path for the email-address.
This does not require that inbound and outbound servers be one-in-the-
"Proof of use" would not require that any IP address match that of
the SMTP client, or that the email-address domain associated with an
MX also provide an A record, or that an A record actually locate an
More information about the ietf-dkim