On Mon, 2004-04-12 at 10:34, Roy Badami wrote:
The SPF spec needs to specifically address the issue of whether
multiple strings are allowed, and if so what they mean and whether any
recommendations as to their use.
A distinction also probably needs to be made between discussion of
multiple strings on the publishing side and on the receiving side;
Using the multi-string example where each element of the SPF record was
in a separate string ("v=spf1" "a" "mx" etc..) in the zone file (I
believe it was BIND), the implementation in question appeared to
concatenate those strings with spaces when it loaded the zone file, and
then served the record out as the single string. If the string ended up
a greater length than the 255 character limit, it broke it back out into
multiple strings at that breakpoint.
Using spaces seems to make perfect sense for a nameserver when loading
separate string elements from a zone record, but it does not seem to
make sense when reconstructing a record as handed to you via a DNS query
of that server, IMHO, due to the fact that the string may be broken in
the middle of non-whitespace at whatever arbitrary breakpoint your
nameserver implementation is dealing with.
--
Dustin D. Trammell
Vulnerability Remediation Alchemist
Citadel Security Software, Inc.