spf-discuss

Re: what to do upon syntax error?

2003-10-24 10:47:01


Meng Weng Wong writes:
| - 2.1: needs mention of what SPF clients should do if there's more than
|   one TXT record on the domain -- presumably they should pick the first
|   TXT record to begin with "v=spf${VERSION}" where ${VERSION} is a version
|   of SPF they can grok?
I'll introduce concatenation:
  "v=spf1 a"
  "v=spf1 mx"
  "v=spf1 default=deny"
would be equivalent to
  "v=spf1 a mx default=deny"

Hmm...

quick question: will a single TXT query return *all* TXT records for that
query?   Or will it require resolver-level iteration?
I'd be concerned about number of queries required, in the case of the
latter.  But as far as I can see it's the former.


Also Rob Kaper said:
| - 2.1: needs mention of what SPF clients should do if there's more than
|   one TXT record on the domain -- presumably they should pick the first
|   TXT record to begin with "v=spf${VERSION}" where ${VERSION} is a version
|   of SPF they can grok?
I'll introduce concatenation:
I believe the question also applies to completely irrelevant TXT entries,
but those would return in a syntax error and thus "unknown" anyway.

Yes, I was asking with regard to things like

  jmason.org.   IN TXT  "if case of zone brokenness, ring +353-1-1010101, or email <jm(_at_)example(_dot_)com>"
  jmason.org.   IN TXT  "v=spf1 ...."

This -- at least at one stage -- was an informal convention, for providing
zone support data and comments, if I recall correctly.


Now the only remaining question is:
What do we do if we see
  "v=spf1 a mx default=deny default=allow"
Should SPF parsers:
1) declare a syntax error and abort returning unknown?

(1) gets my vote.


Finally, another minor nit: 3.5.1 notes:

  The <directive-set> could even include another LocalPart lookup.  As
  with <Include> mechanisms, SPF clients are REQUIRED to support
  recursion to a depth of 6 lookups.

but 3.6.* -- the "include" section --  never mentions a 6-lookup limit for
"include".


Also, IMO, it might be helpful to specify what to do in case of "include
loops", i.e.

example.com IN TXT  "v=spf1 include:example.org default=unknown"
example.org IN TXT  "v=spf1 include:example.com default=unknown"

Is the idea to just try it anyway until it hits 6 lookups, or should an
SPF client "know" that it's already included 'example.com' and ignore 
that?

--j.

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.txt
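
The behaviours debated in this message, modelled as an added example (not code from the original post or from any SPF implementation): unrelated TXT strings are skipped, multiple v=spf1 records are concatenated as proposed in the thread, a repeated modifier yields "unknown", and an include loop stops either on a visited-domain check or at the 6-lookup depth. The zone data, the function names and the `detect_loops` switch are assumptions made for illustration.

```python
MAX_DEPTH = 6  # recursion depth quoted from section 3.5.1 in the message
# Constructed zone data standing in for DNS TXT answers (not real records).
ZONE = {
    "example.com": ["v=spf1 include:example.org default=unknown"],
    "example.org": ["v=spf1 include:example.com default=unknown"],
    "notes.example": ["in case of zone brokenness, ring the hostmaster",
                      "v=spf1 a", "v=spf1 mx default=deny"],
    "dup.example": ["v=spf1 a mx default=deny default=allow"],
}

def select_record(txt_records):
    """Skip unrelated TXT strings; concatenate v=spf1 records as proposed in the thread."""
    records = [t.split() for t in txt_records if t.split()[:1] == ["v=spf1"]]
    return [term for fields in records for term in fields[1:]]

def parse(terms):
    """Split terms into mechanisms and modifiers; a repeated modifier is a syntax error."""
    mechanisms, modifiers = [], {}
    for term in terms:
        name, sep, value = term.partition("=")
        if not sep:
            mechanisms.append(term)
        elif name in modifiers:
            raise ValueError(f"duplicate modifier {name!r}")
        else:
            modifiers[name] = value
    return mechanisms, modifiers

def check(domain, detect_loops=True, chain=()):
    """Return (result, txt_lookups); 'unknown' on syntax error, include loop or depth overrun."""
    if len(chain) >= MAX_DEPTH:
        return "unknown", 0
    chain += (domain,)
    lookups = 1  # one TXT query returns every TXT record for the name
    try:
        mechanisms, _ = parse(select_record(ZONE.get(domain, [])))
    except ValueError:
        return "unknown", lookups
    for mech in mechanisms:
        if mech.startswith("include:"):
            target = mech.split(":", 1)[1]
            if detect_loops and target in chain:
                return "unknown", lookups
            result, n = check(target, detect_loops, chain)
            lookups += n
            if result == "unknown":
                return "unknown", lookups
    return "ok", lookups
```

Calling `check("example.com")` and `check("example.com", detect_loops=False)` shows the cost difference between the two loop-handling options raised in the message: both end in "unknown", but the second spends the full depth budget on queries first.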