Mukund Sivaraman <> wrote:

> We settled on using a zone representation as it used existing zone
> transfer protocol (and authorizations) and would involve minimal changes
> for both implementations and operations vs. inventing a new protocol.

I want to emphasize this point.

In my previous job running MXs it was amazingly easy to do in-band SMTP
call-forward address verification - one configuration was able to verify
addresses at dozens of departmental mail servers with all sorts of
different configurations. Trying to talk to each department's LDAP service
(if they had one) would have been a nightmare.

In my current job, I can provide a catalog zone and a bit of configuration
advice to make it much simpler for my colleagues to run stealth
secondaries - no need for them to adjust firewalls or scripts etc.

f.anthony.n.finch  <>  -  I xn--zr8h punycode
Fair Isle, Faeroes, Southeast Iceland: Easterly or northeasterly 5 to 7,
occasionally gale 8 in Fair Isle. Moderate or rough, occasionally very rough
later. Rain or showers. Good, occasionally poor.

DNSOP mailing list

Reply via email to