In message <20120307000814.29422.qmail@xxxxxxxxx>, "John Levine" writes: > >> > Last month I ran into a guy on the dmarc list who complained that his > >> > server returns NOTIMP in response to queries for SPF records ("because > >> > it doesn't implement them") and clients were doing odd things. But > >> > it's been a long time since I've run into anyone else like that, so I > >> > agree, it's not an issue. > > In case it wasn't clear, this is an authoritative server. A authoritative server should be returning NOERROR / NXDOMAIN not NOTIMP provided the zone loads otherwise SERVFAIL if the load fails for any type other than those in the reserved meta type range. If the data isn't in the zone and the name is in use NOERROR is the response you send. If the name isn't in use NXDOMAIN is the response you send. Failure to load all of the zone is supposed to stop any of it being served according to RFC 1035. If you want to be a nameserver developer you don't stop counting at 1035. The meta type range was initially reserved in RFC 2929 (Sep 2000). > >A RFC 1035 recursive server should be able to handle SPF. It's > >just a opaque data blob to it with a name, type, class and ttl > >attributes. > > Agreed. Other than a few dusty Suns still running obsolete BIND 4.x, > I don't know of any DNS caches that have problems with arbitrary RRs. > > R's, > John -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@xxxxxxx _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf