spf-discuss
[Top] [All Lists]

Re: SPFv1 is already extensible

2004-06-01 19:17:47
On Tue, 1 Jun 2004, David Nicol wrote:

1: Perl does not run strings through /bin/sh behind your back. Please
google for "taint checking" for endless discussion of Perl security.

Sorry - it was uncalled for and I spoke from ignorance (fed by others
just as ignorant).

2: The easiest way I know of to do custom DNS is to periodically rewrite
the configuration file for a DJBDNS tinydns installation and have the
tinydns re-read the configuration file.  This approach also works with
BIND of course, but IMVIACFO* tinydns zone files are easier to write
programatically.

That doesn't cut it in general.  The size of the address space can easily be
logically infinite - or at least astronomically large.  The whole point of
using exists to generalize SPF is to respond to the lookups in real time (with
reasonable caching).  With clever design, you might be able to implement some
situations as you suggested.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.


<Prev in Thread] Current Thread [Next in Thread>