spf-discuss

Re: mail administrator certification example

2004-07-30 11:14:27
I am not saying I do not know how to handle it. I am just saying that when a
proposed solution breaks with the rules and interpretation of existing
standards it brings into question the validity of the RFC.

I will give one example just given to me on another list where SPF will not
even slow spam on zombies.

The spammer's solution is simple. Take several lists of the zombie IP addresses
and create a simple program that makes tight SPF records by updating the DNS
just before sending the spam. Then our receiving server will test the SPF of
adgafdgh.com and get valid and tight SPF records for that domain because the
zombies are listed as valid sending IPs. Thus spam gets through and SPF is
useless. All SPF will do is increase the spammer's programming and load on
our server. Spam from zombies will continue to come through. They will just
be listed on some SPF records.

They will just no longer spoof return addresses.


----- Original Message ----- 
From: "Mark" <admin(_at_)asarian-host(_dot_)net>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Friday, July 30, 2004 1:23 PM
Subject: Re: [spf-discuss] mail administrator certification example


Paul Howarth wrote:

John Keown wrote:

I did not make the rule for the notation. That is part of the
binary number system. The total space is the 32 bit octal address
space. Therefore there are certain mathematical restrictions imposed
by both the binary and octal notation. The /xx defines that as some
power of 2: a /24 is 2 to the 8th power, or 256; a /25 is 2 to the 7th, etc.

No, the /xx means use the leftmost xx bits (only). That's why it's
called the "prefix length". People may choose to implement it using
multiplication and/or division operators but there's no need at all
to do so.

Implementing this using real multiplication and/or division instructions
would be a rather odd way to go about things. If you have a number in a
register, say, AX, you could divide by 4, using SHR AX,2; or multiply by 8,
using SHL AX,3 (and so forth). You could even emulate a /24 netmask, using
SHR AX,8 + SHL AX,8 for a combo (which would still be better than using real
division, as it clears out the lower 8 bits). Still, nothing beats a simple
AND, of course.

- Mark

        System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
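
The prefix-length point in the quoted exchange, written out in C as an added example (not code from any poster in this thread): the AND mask and the shift-right/shift-left combo give the same network for every prefix length, and a CIDR test like the one behind an SPF `ip4:net/len` mechanism is one comparison of masked values. Function names are hypothetical and the addresses are constructed from the documentation ranges.

```c
#include <stdint.h>
#include <stdio.h>

/* The "simple AND": keep only the leftmost len bits (len 0..32). Shifting a
 * 32-bit value by 32 is undefined in C, so /0 is handled explicitly. */
static uint32_t network_and(uint32_t addr, unsigned len)
{
    uint32_t mask = len == 0 ? 0 : (uint32_t)0xFFFFFFFFu << (32 - len);
    return addr & mask;
}

/* The shift-right-then-left combo from the message, for any prefix length. */
static uint32_t network_shift(uint32_t addr, unsigned len)
{
    unsigned host_bits = 32 - len;
    return len == 0 ? 0 : (addr >> host_bits) << host_bits;
}

/* 1 if both methods agree for every prefix length 0..32, else 0. */
static int methods_agree(uint32_t addr)
{
    for (unsigned len = 0; len <= 32; len++)
        if (network_and(addr, len) != network_shift(addr, len)) return 0;
    return 1;
}

/* Dotted-quad parser: 0 on success, -1 on malformed or out-of-range input. */
static int parse_ipv4(const char *s, uint32_t *out)
{
    unsigned a, b, c, d; char tail;
    if (sscanf(s, "%u.%u.%u.%u%c", &a, &b, &c, &d, &tail) != 4) return -1;
    if (a > 255 || b > 255 || c > 255 || d > 255) return -1;
    *out = a << 24 | b << 16 | c << 8 | d;
    return 0;
}

/* 1 if sender lies inside net/len, 0 if not, -1 on bad input. */
static int cidr_match(const char *sender, const char *net, unsigned len)
{
    uint32_t s, n;
    if (len > 32 || parse_ipv4(sender, &s) || parse_ipv4(net, &n)) return -1;
    return network_and(s, len) == network_and(n, len);
}

int main(void)
{
    printf("agree=%d in /25: %d\n", methods_agree(0xC0000263u),
           cidr_match("192.0.2.200", "192.0.2.0", 25));
    return 0;
}
```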
