spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: mail administrator certification example

2004-07-30 08:28:38
from [John Keown] [Permanent Link] 

----- Original Message ----- 
From: "Paul Howarth" <paul(_at_)city-fan(_dot_)org>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Friday, July 30, 2004 10:39 AM
Subject: Re: [spf-discuss] mail administrator certification example



John Keown wrote:

Below you can all see the spf records published by surgeweb.com. This is

an

example of good intentions of a mail administrator trying to do the

right

thing but lacking an understanding of the internet and ip space. You can

see

that the spf records for ip is incorrect. the did not specify a boundary
when describing the class c range. They used .1 not .0. I have sent 2

email

to the postmaster informing of his error and either he did not receive

the

emails, just ignored them or feel he is correct in his notation.

The end results is his spf records are useless as they do not parse
properly.


v=spf1 ip4:216.65.64.1/24 ip4:216.65.3.1/24 a:send1.surgeweb.com mx -all


Hmm.

Supposing there were DNS records:

smtp.example.com. A 192.168.1.1
mx.example.com. A 192.168.1.19
example.com. MX mx.example.com.
example.com. TXT "v=spf1 a:smtp.example.com/28 mx -all"


That would violate ip address notation and if spf accepts your example then
spf NEEDS to be fixed before it one has to re-write all routing table and
routers on the internet.

What I am saying is xxx.yyy.zzz.1/24 does not conform to ip4 address space
and has no meaning. Now if we ant to change the rules then we need to do
that.



Would your parser handle that record (which is definitely allowed by the

spec)

correctly, yet barf on:

example.com. TXT "v=spf1 ip4:192.168.1.1/28 ip4:192.168.1.19 -all"

(which might be viewed as an optimised version of the previous one)?

I'm with Jon Postel on this one: "Be liberal in what you accept, and
conservative in what you send".

Paul.

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Send us money!  http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your

subscription,

please go to

http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Envelope Sender X From Header. How are you treating this?, Stuart D. Gathman
Next by Date:  Re: mail administrator certification example, Stuart D. Gathman
Previous by Thread:  Re: mail administrator certification example, Paul Howarth
Next by Thread:  Re: mail administrator certification example, Stuart D. Gathman
Indexes:  [Date] [Thread] [Top] [All Lists]