On 02/14, Jonas Eckerman wrote:
> * I think you should follow conventions in DNS naming, using an
> underscore to signify that the DNS record is a "special" type of record.
> This is quite common.
I didn't like this idea, but I have realized it's the right thing to do.
Now should I use _mtx, or MTAMark style _smtp._srv?
40.152.71.64._mtx.panic.chaosreigns.com
40.152.71.64._smtp._srv.panic.chaosreigns.com
_mtx is sexier - shorter.
_smtp._srv is potentially useful for more things, but I can't think of
anything. Maybe google wave. 6 characters longer. And I like that "mtx"
explicitly indicates "transmitting", although not an extremely important
distinction. Other protocols can create their own subdomain.
On 02/14, dar...@chaosreigns.com wrote:
> Yeah. I'm thinking of using the 4th octet to indicate participation, and
> the third octet to indicate delegation.
I screwed that up.
Not participating is functionally identical to "neutral".
4th octet:
0 Neutral: Should not be penalized anymore than non-participating domains.
1 SoftFail: Subject to further scrutiny (greylisting, SA +1).
2 HardFail: Reject.
The existing two scores:
Pass: Obvious.
Fail: Includes all of the other results: Neutral, SoftFail, and HardFail.
3rd octet indicates delegation of 4th octet value to subdomains:
0 Applies to this domain and all subdomains.
1 Applies to this domain, ask subdomains if they're participating.
Also, I'm now less worried about domain boundaries. Worst case, you could
check for the _mtx subdomain at the 3rd and 4th level
(_mtx.chaosreigns.com, _mtx.state.nh.us, respectively). Are there any
cases where you need to check the 5th? And you could use a list of known
domains to skip some guessing.
So:
_participant._mtx.chaosreigns.com. IN A 127.0.0.2
Means HardFail anything from chaosreigns.com and any subdomain that doesn't
have an MTX record.
--
"The whole aim of practical politics is to keep the populace alarmed --
and hence clamorous to be led to safety -- by menacing it with an endless
series of hobgoblins, all of them imaginary." - H. L. Mencken
http://www.ChaosReigns.com
