Re: [spfbis] Last Call: <draft-ietf-spfbis-4408bis-19.txt> (Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1) to Proposed Standard

"Murray S. Kucherawy" <superuser@gmail.com> Thu, 22 August 2013 17:15 UTC


On Thu, Aug 22, 2013 at 1:36 AM, Jelte Jansen <jelte.jansen@sidn.nl> wrote:

> While I appreciate the argument 'this works now, and it is used'
> (running code, and all that), I am very worried that we'll end up with
> what is essentially a free-form blob containing data for several
> protocols at the zone apexes instead of a structured DNS.
>

With or without SPF, we're long past the point where worrying about that is
worthwhile.  Try a TXT lookup for ut.edu or banctec.com, for example.

When I did one of the surveys for RFC6686, it recorded the TXT RRs returned
for various domain queries.  The top ten in terms of record counts returned
back then (most have been cleaned up now):

+-----------+----------------------+
| count(id) | domain               |
+-----------+----------------------+
|        43 | wncy.com             |
|        43 | b93radio.com         |
|        43 | wtaq.com             |
|        29 | dealdirectsendz.info |
|        23 | voamn.org            |
|        18 | ut.edu               |
|        15 | aaronline.com        |
|        10 | dwgsecurity.com      |
|         9 | emergogroup.com      |
|         9 | banctec.com          |
+-----------+----------------------+

The top three were loaded with "google-site-verification=<hash>" records.
ut.edu and banctec.com have a mix of things.

-MSK
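
Added example, not part of the message above and not code from the RFC6686 survey: a Python sketch of how an SPF verifier picks its record out of a crowded apex TXT RRset like the ones described, and how such an RRset breaks down by apparent owner. The function names and the sample RRset are constructed for illustration; the selection rule (version section exactly "v=spf1", more than one match is a permerror) is the SPF specification's record-selection step.

```python
from collections import Counter

def _text(rr):
    # A TXT RR can hold several character-strings; join them with no separator.
    return "".join(rr) if isinstance(rr, (list, tuple)) else rr

def is_spf(text):
    # The version section must be exactly "v=spf1", ended by a space or by the
    # end of the record, so "v=spf10 ..." is not an SPF record.
    return text[:6].lower() == "v=spf1" and (len(text) == 6 or text[6] == " ")

def select_spf(txt_rrset):
    """Return (status, record): 'none', 'permerror' (more than one) or 'ok'."""
    found = [t for t in map(_text, txt_rrset) if is_spf(t)]
    if not found:
        return ("none", None)
    if len(found) > 1:
        return ("permerror", None)
    return ("ok", found[0])

def tally(txt_rrset):
    """Count apex TXT records by the tag that appears to own them."""
    counts = Counter()
    for text in map(_text, txt_rrset):
        if is_spf(text):
            counts["spf"] += 1
        elif "=" in text:
            counts[text.split("=", 1)[0].strip().lower()] += 1
        else:
            counts["untagged"] += 1
    return counts

# Constructed sample RRset for a placeholder domain (not real survey data).
SAMPLE = [
    "google-site-verification=PLACEHOLDER-1",
    "google-site-verification=PLACEHOLDER-2",
    ["v=spf1 ip4:192.0.2.0/24 ", "mx -all"],   # one RR split into two strings
    "v=spf10 include:example.net",             # lookalike, must be ignored
    "Contact hostmaster for changes",
]

if __name__ == "__main__":
    print(select_spf(SAMPLE))
    print(dict(tally(SAMPLE)))
```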