spf-discuss

Re: ip4-cidr needs clarification

2003-10-26 14:14:40
On Sun, 26 Oct 2003, Meng Weng Wong wrote:

> thanks for the input.  this is the new version.
>
> is there an RFC that describes CIDR notation?  i'd like to be able to
> just say "see rfcXXXX for details".
>
> ------------------------------------------------------------------------
> 3.7                               IP4
> ------------------------------------------------------------------------
>
>    Valid syntax:
>    - ip4:192.0.2.0/24
>    - ip4:192.0.2.1
>
>    An IP4 range is specified using network/prefix-length notation.  The
>    network part is a dotted quad.  The prefix-length is a number between
>    0 and 32 inclusive.  If no prefix-length is given, /32 is assumed.
>
>    If the network-part contains non-zero bits beyond the specified
>    prefix, this is a mild syntax error which SPF clients MUST tolerate
>    by ignoring the non-zero bits.

Once upon a time, one of the junior sysadmins at the place i was working
added w.x.y.z/1 to the "relaying allowed subnets" setting of our main mta
(he didn't understand cidr notation, and thought /1 meant 'one host')

Our MTA allowed this, and we were an open relay for 1/2 the net (we caught
it about 20 mins later when his work was reviewed).

Given this operational experience, I vote for 'bits set in the host portion
of a prefix' to be a syntax error, and ignored.

>    If the connecting IPv4 client IP lies in the specified network, this
>    mechanism matches.


-- 
[http://pointless.net/]                                   [0x2ECA0975]

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.txt
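
The two host-bit policies debated in this message, side by side, as an added example that is not part of the original post or of any SPF implementation. The function names and the `strict_host_bits` flag are hypothetical, and the sample addresses are constructed from documentation ranges.

```python
import ipaddress

class SPFSyntaxError(ValueError):
    """Raised when an ip4 term does not follow the quoted section 3.7 syntax."""

def parse_ip4(term, strict_host_bits):
    """Parse 'ip4:network[/prefix-length]' into an IPv4Network.

    strict_host_bits=False: draft behaviour, stray host bits are masked off.
    strict_host_bits=True:  the reply's proposal, stray host bits are an error.
    """
    if not term.startswith("ip4:"):
        raise SPFSyntaxError("not an ip4 term: %r" % term)
    network, sep, prefix = term[4:].partition("/")
    if sep and not (prefix.isascii() and prefix.isdigit() and int(prefix) <= 32):
        raise SPFSyntaxError("prefix-length must be 0..32: %r" % term)
    plen = int(prefix) if sep else 32          # no prefix-length means /32
    try:
        addr = int(ipaddress.IPv4Address(network))
    except ipaddress.AddressValueError as exc:
        raise SPFSyntaxError("network part is not a dotted quad: %r" % term) from exc
    mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
    if strict_host_bits and addr & ~mask & 0xFFFFFFFF:
        raise SPFSyntaxError("host bits set beyond /%d in %r" % (plen, term))
    return ipaddress.IPv4Network((addr & mask, plen))

def ip4_matches(term, client_ip, strict_host_bits):
    """True if client_ip lies in the term's network; a rejected term never matches."""
    try:
        net = parse_ip4(term, strict_host_bits)
    except SPFSyntaxError:
        return False                            # term is ignored, as the reply proposes
    return ipaddress.IPv4Address(client_ip) in net

if __name__ == "__main__":
    # Constructed stand-in for the anecdote's w.x.y.z/1, written to mean "one host".
    typo = "ip4:192.0.2.1/1"
    unrelated_client = "203.0.113.7"
    print("tolerant parse :", parse_ip4(typo, strict_host_bits=False))
    print("tolerant match :", ip4_matches(typo, unrelated_client, False))
    print("strict match   :", ip4_matches(typo, unrelated_client, True))
```
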