On 02/14, Jonas Eckerman wrote: > 1: The participation record is optional, so you only use it if you want > "everything else" to be rejected.
Yeah. I'm thinking of using the 4th octet to indicate participation, and the third octet to indicate delegation. Check for the MTX record first, and if it is 127.0.0.1 or 127.0.0.0 you can skip this. 4th octet: 0 Not participating. 1 (or record not defined) Participating, everything not defined is valid (like SPF neutral). 2 Participating, other stuff might be valid (like SPF softfail). 3 Participating, everything else is invalid (SPF fail). 3rd octet: 1 All MTX records are at this level. 2 All MTX records are at a subdomain. 3 Check MTX records at this level and then the subdomain. If the value of the 4th octet changes when going to a subdomain, you could say to only check the 4th octet for participating or not if the 3rd octet is 2 (all delegated to subdomain). Or you could use the most restrictive of the two records. Still not feeling like I swallowed a cat. I think it could cause slower adoption to ask people to "Create this one record for all of your servers, and decide if you want to create this complicated hierarchical thing defining your participation." Perhaps spec out a version 2 including this to be implemented at a later time? > 2: Make it a policy record rather than a participation record, so you > can specify more stuff. Either a TXT record or a bitmaped A record for > example. Call it "_policy._mtx.*". That sounds likely to get complicated. Details? -- "Whatever you do will be insignificant, but it is very important that you do it." - Mahatma Gandhi http://www.ChaosReigns.com
