spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Re: DNS lookup limit?

2005-02-28 01:55:11
from [jpinkerton] [Permanent Link] 

----- Original Message -----
From: "Scott Kitterman" <spf2(_at_)kitterman(_dot_)com>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Monday, February 28, 2005 7:22 AM
Subject: Re: [spf-discuss] Re: DNS lookup limit?



...... Original Message .......
On Sun, 27 Feb 2005 23:57:39 -0500 Radu Hociung <radu(_at_)ohmi(_dot_)org> 
wrote:

Frank Ellermann wrote:



one of the features I'm planning for the libspf2 1.0.6
release is an optimizer. The optimizer would take in an SPF
record, and print out the minimalist equivalent SPF record,



That's a nice idea.  You could flag redundant IPs (covered by
more than one mechanism), find a minimal CIDR variant, etc.

That sounds more like an application than library functions.


You read my mind. Yes, it will be the spfcompile program, similar to
spfquery, and it will do exactly what you describe. The most tricky will
be to maintain the effects of left to right evaluation, so that you can
have -1.2.3.0/24 +1.2.0.0/16 still yield the same results, even though
you merge together the IPs with the same prefix into the largest
possible CIDR blocks.

The other needed application is a *virus checker* for SPF records, that
would detect loops, and other errors, like:

example.com. TXT "v=spf1 a {more stuff} include=spf.%{d} -all"
spf.example.com. TXT "v=spf1 {whatever} -all"
*.example.com. TXT "v=spf1 a {more stuff} include=spf.%{d} -all"

Which works fine for user(_at_)example(_dot_)com, but not so well for
user(_at_)gotcha(_dot_)example(_dot_)com


I'd like to suggest that this would be MUCH more useful as some kind of

web enabled tool than

as an application.  The population of record publishers is much more

technically diverse than

the population of record checkers.

If some will write the tool, I don't think finding a volunteer host will

be

a problem.


Correct - - I have always offered to host tools of this nature - especially
if they are idiot-proof ;-)


Slainte,

JohnP.
johnp(_at_)idimo(_dot_)com
ICQ 313355492
YahooIM j_pinx
AIM johnpinx
Skype johnpinx














Scott Kitterman

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Read the whitepaper!  http://spf.pobox.com/whitepaper.pdf
To unsubscribe, change your address, or temporarily deactivate your

subscription,

please go to

http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Re: Microsoft SMTPSVC and DSNs, Peter Karsai
Next by Date:  Re: Re: Email Forwarder's Protocol ( EFP ), Alex van den Bogaerdt
Previous by Thread:  Re: Re: DNS lookup limit?, Scott Kitterman
Next by Thread:  Re: Re: DNS lookup limit?, Radu Hociung
Indexes:  [Date] [Thread] [Top] [All Lists]