Re: A 30% solution
2004-05-12 07:56:58
On 5/11/04 at 9:48 PM -0500, wayne wrote:
In the last jabber session I suggested using SPF or DMP as something
to use so that we could all be on the same page about what exactly
is meant by "semantics" vs "data" vs "identities", etc.
My concern (and I suppose that of others) is that by looking at a
proposal that already had a solid syntax, we'd end up conflating the
syntax and semantics in unproductive ways during the discussion.
The MARID records will contain entries that (when fully resolved)
will give the receiver two sets of IP addresses,
Two points:
1) SPF creates a set for "DNS errors" to deal with situations when
something can not be fully resolved due to a temporary name server
problem. I think this is an important set and should be kept.
2) You actually describe three sets. The third being the set of IP
addresses that are not known to be legitimate or illegitimate.
Actually, there is no third set in my model. What you get back is
either legitimate or illegitimate addresses. You never get back
addresses from the DNS which are marked "not known". It is only the
failure to find the client SMTP address in either the legitimate or
illegitimate sets that makes it "not known".
Because of that, I'm not sure that the "DNS error" set makes sense:
Failure to get back an address is failure to get back an address,
whether due to exhausting the records, or due to a temporary DNS
failure. However, a DNS failure might say something about the ability
to cache certain information; that's an interesting discussion point.
* The records
Would you envision the "MARID records" to be a RR set, or single RR
from the DNS point of view, but containing multiple "MARID records"?
As I think you already suspected, I was thinking in terms of multiple
RR's returned.
This is not just a syntactical issue. You can't depend on the order
of the records in a RR set
Really? As I understood, many systems depend on getting records back
in a particular order for round-robin applications. Or do you mean
that there is simply not a *guaranteed* order because UDP packets
might arrive out of order?
What happens if an IP address is in more than on set? Would a MARID
client need to process all MARID records in order to determine the
outcome, or can you short-circuit the checks?
I think it would be reasonable to say that an IP address appearing as
both legitimate and illegitimate is a "configuration error" for all
intents and purposes, and short-circuiting is a reasonable
optimization.
[...tracking...]
Can we add this kind of tracing/debugging tool to a pure set notation system?
There can likely be the "obvious" tracking, but since there is way in
my semantics to get the IP address that you are searching for into a
query (like you can with the "i" macro in SPF), you can't do the more
elaborate tracking that you may be looking for. Personally, though I
think it's a nifty feature, I don't think it's necessary.
pr
--
Pete Resnick <http://www.qualcomm.com/~presnick/>
QUALCOMM Incorporated - Direct phone: (858)651-4478, Fax: (858)651-1102
|
|