On Mon, Nov 17, 2003 at 10:19:04AM -0600, Dustin Trammell wrote:
|
| However, if by not utilizing the feature we also make the assumption
| that a PTR will have a single record, then we will be ignoring the RFC.
| I don't see any way to ignore that PTRs may have multiple records and
| comply with the RFC concurrently. I suggest we comply with the RFC and
| check for multiple PTR records per address.
|
I have no problem with multiple PTRs. The latest phrasing is:
5.4 'ptr'
This mechanism tests if the <sending-host>'s name is within a
particular domain.
PTR = 'ptr' [ ':' domain-spec ]
First <sending-host>'s name is looked up using this procedure:
perform a PTR lookup against the <sending-host>'s IP. For each
record returned, validate the host name by looking up its IP address.
If the <sending-host>'s IP is among the returned IP addresses, then
that host name is validated.
Check all validated hosts to see if they end in the <target-name>
domain. If any do, this mechanism matches. If no validated hostname
can be found, or if none of the validated hostnames end in the
<target-name, this mechanism fails.
This mechanism matches if the <target-name> is a parent node of the
<sending-host>, or if the <target-name> and the <sending-host> are
the same. For example: "mail.example.com" is within the domain
"example.com", but "mail.bad-example.com" is not. If the
<target-name> is hostname, a match results.
Here is some perl pseudocode.
my ($sending_host, $target_name) = (some_ip, domain_spec);
my @validated_host_names = ();
foreach my $ptr_host_name (ptr_lookup($sending_host)) {
foreach my $ip (a_lookup($ptr_host_name)) {
push @validated_host_names, $ptr_host_name if $ip eq $sending_host;
}
}
return "match" if grep { $_ eq $target_name or /\.$target_name$/ }
@validated_host_names;
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.6.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡