spf-discuss

Re: Re: DNS lookup limit?

2005-02-27 23:22:00
...... Original Message .......
On Sun, 27 Feb 2005 23:57:39 -0500 Radu Hociung <radu(_at_)ohmi(_dot_)org> wrote:
Frank Ellermann wrote:

one of the features I'm planning for the libspf2 1.0.6
release is an optimizer. The optimizer would take in an SPF
record, and print out the minimalist equivalent SPF record,


That's a nice idea.  You could flag redundant IPs (covered by
more than one mechanism), find a minimal CIDR variant, etc.

That sounds more like an application than library functions.

You read my mind. Yes, it will be the spfcompile program, similar to 
spfquery, and it will do exactly what you describe. The most tricky will 
be to maintain the effects of left to right evaluation, so that you can 
have -1.2.3.0/24 +1.2.0.0/16 still yield the same results, even though 
you merge together the IPs with the same prefix into the largest 
possible CIDR blocks.

The other needed application is a *virus checker* for SPF records, that 
would detect loops, and other errors, like:

example.com. TXT "v=spf1 a {more stuff} include=spf.%{d} -all"
spf.example.com. TXT "v=spf1 {whatever} -all"
*.example.com. TXT "v=spf1 a {more stuff} include=spf.%{d} -all"

Which works fine for user(_at_)example(_dot_)com, but not so well for user(_at_)gotcha(_dot_)example(_dot_)com

I'd like to suggest that this would be MUCH more useful as some kind of web enabled tool than as an application.  The population of record publishers is much more technically diverse than the population of record checkers.

If someone will write the tool, I don't think finding a volunteer host will be a problem.

Scott Kitterman
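
The wildcard case quoted in the message, worked through as an added example (not part of the original thread and not libspf2 code). The zone is constructed from the three records above with the `{more stuff}` and `{whatever}` placeholders dropped; `lookup_txt`, `follow_includes` and the cap of 10 names (the figure later fixed in RFC 4408) are assumptions of this sketch, and only the first include of each record is followed.

```python
import re

# Constructed zone mirroring the three records in the message. The message
# writes "include="; standard mechanism syntax is "include:". Both are parsed.
ZONE = {
    "example.com": "v=spf1 a include:spf.%{d} -all",
    "spf.example.com": "v=spf1 -all",
    "*.example.com": "v=spf1 a include:spf.%{d} -all",
}

def lookup_txt(name, zone=ZONE):
    """Exact match first, then the nearest wildcard (simplified DNS rules)."""
    if name in zone:
        return zone[name]
    labels = name.split(".")
    for i in range(1, len(labels)):
        wild = "*." + ".".join(labels[i:])
        if wild in zone:
            return zone[wild]
    return None

def follow_includes(domain, zone=ZONE, max_lookups=10):
    """Walk the include chain; return (status, list of names queried)."""
    chain, seen = [], set()
    while True:
        if domain in seen:
            return "loop", chain            # same name reached twice
        if len(chain) >= max_lookups:
            return "lookup-limit", chain    # chain never repeats, never ends
        seen.add(domain)
        chain.append(domain)
        record = lookup_txt(domain, zone)
        if record is None:
            return "no-record", chain
        m = re.search(r"\binclude[:=](\S+)", record)
        if m is None:
            return "ok", chain
        # %{d} expands to the domain currently being evaluated, so under the
        # wildcard every step prepends another "spf." label.
        domain = m.group(1).replace("%{d}", domain)

if __name__ == "__main__":
    for sender_domain in ("example.com", "gotcha.example.com"):
        status, chain = follow_includes(sender_domain)
        print(sender_domain, "->", status, chain)
```

A checker that only looks for a repeated name misses this case, because each wildcard answer produces a new, longer name; the lookup cap is what stops it.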

