On Mon, 10 May 2004, Tony Finch wrote:
SPF needs to make the case that SPF interpretation is *not* turing
complete, and has bounded execution in time and space.
I thought that (in the absence of the "processing limits" section in the
specification) SPF might be Turing complete. It supports general-purpose
recursion, it has conditional constructs, and it allows the argument to
the recursive call to be altered programmatically. However I haven't yet
managed to work out how to write a conditional that does anything useful.
Good point. If SPF turns out to be turing complete, then the spec should
require a recursion limit. Otherwise, there is no way to bound time or
memory for interpreting an SPF record. Currently, the spec allows
an implementation to check for recursive loops - or provide a fixed limit
of at least 20 levels. If SPF is turing complete, then a DOS attack
could serve an SPF record with a non-terminating, but non-looping
program. In that case, the fixed limit of 20 levels should be mandatory.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.