Re: TXT Records

I think that the performance of the reference implementation of SPF isimportant. This leads me to wonder if we should perform some set of theDNS lookups and mechanism evaluations in parallel. For example:


   Extract the ordered list of mechanisms.
   While list not empty do

extract initial subset whose 'result's are the same (i.e. getthe list of '+' from the front)

      initiate DNS lookups in parallel
      while pending lookups do
            get result
            if mechanism matches, then return result.
       done
    done

There are various complications associated with include and redirect,but I'm sure that these can be handled.


Note that this works nicely for cases like:

      v=spf1 a mx ptr:%{d2} -all

It *may* initiate more lookups than necessary, but the latency will(almost certainly) be lower. Of course, you could just perform all thelookups and then evaluate until you get an answer -- but that is evenmore complex.

If the reference implementation goes to these lengths, then it willeliminate a criticism that the specification is inherently unusable forperformance reasons.

It *may* also be that the spec needs to note that mechanisms may beevaluated out of order, but the overall result of an SPF check is asthough the mechanisms were evaluated from left to right. The reason thatthis makes a difference is that you might have a complex SPF record thattriggered DNS lookups that had side effects (e.g. recorded an entry intoa log file).


Just my late night ramblings....

Philip

Jonathan Steinert wrote:

I need to just point out; If we keep adding things to do in DNSlookups in a serial order, the time it takes to do an SPF lookup goesup and up and up.
I'm not saying that these aren't good ideas, but we need to realizethat the tradeoff is in longer SPF lookup times. The trouble is thatSPF is being designed to be fast enough to run at message acceptancetime, and on high load servers it's bad to keep a connection open forlong.
--Jonathan



--
Philip Gladstone
* Check out the live pondcam at http://pond.gladstonefamily.net

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.6.txt

To unsubscribe, change your address, or temporarily deactivate your subscription,please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡

smime.p7s
Description: S/MIME Cryptographic Signature

<Prev in Thread]	Current Thread	[Next in Thread>
TXT Records, Marc Re: TXT Records, Philip Gladstone Re: TXT Records, Jonathan Steinert Re: TXT Records, Justin Mason Re: TXT Records, Jesus Duarte Re: TXT Records, Roy Badami Re: TXT Records, Ask Bjørn Hansen Re: TXT Records, Roy Badami Re: TXT Records, Ask Bjørn Hansen Re: TXT Records, Roy Badami Re: TXT Records, Philip Gladstone <= Re: TXT Records, Jasper Wallace Re: TXT Records, Jonathan Steinert Re: TXT Records, Jasper Wallace Re: TXT Records, Ask Bjørn Hansen Re: TXT Records, Jasper Wallace Re: TXT Records, B. Johannessen Re: TXT Records, Dan Boresjo Re: TXT Records, Jonathan Steinert Re: TXT Records, Dan Boresjo Re: TXT Records, John Capo