How about just doing a lookup:
<ip-addr>.<sender>.HELO@<helo>.lookup.spf.gladstonefamily.net
This returns 127.0.0.2 if the SPF lookup result is FAIL, NXDOMAIN otherwise.
Note that it doesn't work for lookups to my domain as the code is all
single threaded..... (but that could be fixed)
Try:
dig
1(_dot_)2(_dot_)3(_dot_)4(_dot_)philip(_at_)altavista(_dot_)com(_dot_)HELO@foo.bar.lookup.spf.gladstonefamily.net any
to test it.
Philip
Greg Connor wrote:
Regarding complaints that SPF is "too complex" ... I wonder if it
would help or hurt the cause to have some recommendations for a
"minimal" implementation of SPF. This might address concerns such as
Eric Allman's "must be doable in rules"...
Something like, "If the receiving mail system does not support certain
mechanisms, such as exists, include, redirect, or anything containing
macro expansions, the result should be "unknown" and processing should
stop. For example if the spf info for a domain is
v=spf1 +a +mx +exists:%{i}.%{s}.spf.domain.com -all
then processing would return "Pass" if the A or MX tests pass, and if
the client does not implement exists or the macro expansion, then
processing should return "unknown" and not continue on to the -all
directive.
The absolute minimum for SPF compliance is support for a, mx, ptr, and
ip4/ip6 ranges. This should cover the published SPF info for most
domains."
Personally, I think any SPF implementation that doesn't implement
everything in the draft will be found to be deficient and replaced
with something better, quickly. I think it's more about giving people
options and being able to say SPF is flexible enough to meet
*everyone's* needs, even if they choose not to use the whole thing...
In other words I don't expect many "incomplete" implementations, but I
am floating this suggestion so we might have something to answer those
objections right now, even if we believe the objection would have been
(will be) resolved on its own some better way later.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡