In <NGBBLEIJOEEEBMEIAPBKEEHCIJAA(_dot_)scott(_at_)kitterman(_dot_)com> Scott
Kitterman <spf2(_at_)kitterman(_dot_)com> writes:
> I'm still a bit uncertain what to do about 'moo'.
>
> I look at:
>
> "4.6. Record Evaluation
>
> After one SPF record has been selected, the check_host() function parses and
> interprets it to find a result for the current test. If there are any syntax
> errors, check_host() returns immediately with the result "PermError".
>
> Implementations MAY choose to parse the entire record first and return
> "PermError" if the record is not syntactically well formed. However, in all
> cases, any syntax errors anywhere in the record MUST be detected."
>
> And I know that I MUST detect all syntax errors anywhere in the record, but
> I'm not 100% sure what in the record means...
>
> I assume that it is meant to include all of the text returned by the TXT/SPF
> record query and so 'moo' should be detected and a PermError result.

That was my intent when writing that sentence.

> I might (because I don't want to monkey with the pySPF processing any more than
> I have to :0) also think that once I've gotten to all/redirect/exp, there is
> no way there can be anything valid after that no matter what is actually
> present, so why bother?

Checking the entire record for syntax errors is cheap. Really.
I used egrep to run this regular expression over a list of 591475
SPF records that I had found in the .com domains and it took
1.25 seconds on my 900MHz PIII.
Just use the regular expression to pre-check things.

> Is there any kind of risk associated with terminating processing of a record
> once all mechanisms/modifiers have been evaluated?

The risk is mostly in the area of finding syntax errors sometimes,
but not other times. If you have "v=spf1 a asd93.x8 &3l2 =20=20foo",
I think you should get a syntax error all the time, rather than just
when "a" doesn't match.
Part of the problem with using TXT records is that there may well be
all sorts of pre-existing data. The "v=spf1" magic number helps, but
doing complete syntax checking also helps make sure that unintended
records are not interpreted as SPF records.
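
The inconsistency discussed in this message, as an added example (not code from the thread or from pySPF): a whole-record syntax pre-check compared with an evaluator that stops at the first matching mechanism. The term regex is a loose approximation of the RFC grammar and is not the regular expression mentioned above; `lazy_check`, `strict_check` and the `matches` set (a stand-in for DNS lookups) are hypothetical names.

```python
import re

# Loose approximation of the SPF term grammar (assumption: macros and
# domain-specs are only shallowly checked). Not the regex from the message.
QUAL = r"[+\-~?]?"
DOM = r"[^\s/]+"
CIDR4 = r"(?:/(?:3[0-2]|[12]?\d))"
CIDR6 = r"(?:/(?:12[0-8]|1[01]\d|[1-9]?\d))"
TERM = re.compile(rf"""
    {QUAL}(?: all
            | (?:include|exists):{DOM}
            | (?:a|mx)(?::{DOM})?{CIDR4}?(?:/{CIDR6})?
            | ptr(?::{DOM})?
            | ip4:\d{{1,3}}(?:\.\d{{1,3}}){{3}}{CIDR4}?
            | ip6:[0-9a-f:.]+{CIDR6}? )
  | [a-z][a-z0-9_.\-]*=\S*
""", re.VERBOSE | re.IGNORECASE)

RESULT = {"+": "Pass", "-": "Fail", "~": "SoftFail", "?": "Neutral"}

def syntax_errors(record):
    """Return every malformed term, wherever it sits in the record."""
    parts = record.split()
    if not parts or parts[0].lower() != "v=spf1":
        return parts[:1] or [""]
    return [t for t in parts[1:] if not TERM.fullmatch(t)]

def lazy_check(record, matches):
    """Evaluate left to right and stop at the first matching mechanism.
    `matches` is a constructed stand-in for the DNS lookups."""
    for term in record.split()[1:]:
        if not TERM.fullmatch(term):
            return "PermError"
        qualifier = term[0] if term[0] in RESULT else "+"
        if term.lstrip("+-~?") in matches:
            return RESULT[qualifier]   # terms after this one are never parsed
    return "Neutral"

def strict_check(record, matches):
    """Pre-check the whole record, then evaluate."""
    return "PermError" if syntax_errors(record) else lazy_check(record, matches)

if __name__ == "__main__":
    rec = "v=spf1 a asd93.x8 &3l2 =20=20foo"   # record quoted in the message
    for m in ({"a"}, set()):
        print(sorted(m), "lazy:", lazy_check(rec, m), "strict:", strict_check(rec, m))
```

With the lazy evaluator the same record yields a different result depending on whether "a" matches the sender; with the pre-check it is a PermError every time.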