On Tue, May 11, 2004 at 04:42:51AM -0400, Meng Weng Wong wrote:
I've updated the draft, please check the latest 200405 --- I believe
it already addresses this problem. You are limited to 20 recursions
total, not a depth of 20. (Recursions mean include/redirect operations.)
quote from draft:
If a loop is detected, or if more than 20 subqueries are triggered,
an SPF client MAY abort the lookup and return the result "unknown".
Isn't this way too relaxed?
What about:
If a loop is detected, or if more than 20 subqueries are triggered,
an SPF client MUST abort the lookup and return the result "error".
possibly with some explanation such as:
Incorrect setups do not necessarily mean a malicious act, however
it is of great importance the setup is corrected ASAP. Returning
"error" is an incentive for the domain to do just that.
cheers,
Alex
--
I ask you to respect any "Reply-To" and "Mail-Follow-Up" headers. If
you reply to me off-list, you'd better tell me you're doing so. If
you don't, and if I reply to the list, that's your problem, not mine.