spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Re: DNS lookup limit?

2005-02-28 11:36:54
from [Radu Hociung] [Permanent Link] 


jpinkerton wrote:

You read my mind. Yes, it will be the spfcompile program, similar to
spfquery, and it will do exactly what you describe. The most tricky will
be to maintain the effects of left to right evaluation, so that you can
have -1.2.3.0/24 +1.2.0.0/16 still yield the same results, even though
you merge together the IPs with the same prefix into the largest
possible CIDR blocks.

The other needed application is a *virus checker* for SPF records, that
would detect loops, and other errors, like:

example.com. TXT "v=spf1 a {more stuff} include=spf.%{d} -all"
spf.example.com. TXT "v=spf1 {whatever} -all"
*.example.com. TXT "v=spf1 a {more stuff} include=spf.%{d} -all"

Which works fine for user(_at_)example(_dot_)com, but not so well for
user(_at_)gotcha(_dot_)example(_dot_)com



I'd like to suggest that this would be MUCH more useful as some kind of

web enabled tool than

as an application.  The population of record publishers is much more

technically diverse than

the population of record checkers.
I disagree that it would be *more* useful in on form than the other. But I do agree that two interfaces would be greatly beneficial.
The command line tool will be used with makefiles, so the admin still maintains the wordy version of the record, then the compiler optimizes it and the zone file includes the optimized output. For those with several domains to administer, this is the solution that is needed.
For the casual publishers who have one domain and don't need to make changes very often, the web interface would be more useful.
I will be happy to make the C function that does the optimization easily portable and compilable to either format, but I would prefer if someone else would send me the patch that allows the web-version to be made as well from the same code base. 


Greetings,
Radu.

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Read the whitepaper!  http://spf.pobox.com/whitepaper.pdf
To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

Attachment: radu.vcf
Description: Vcard

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Re: Email Forwarder's Protocol ( EFP ), David MacQuigg
Next by Date:  Re: What is the status of support, then? (Was: Undefined symbols SPF_<blah> in libspf2-1.2.0), Hannah Schroeter
Previous by Thread:  Re: Re: DNS lookup limit?, jpinkerton
Next by Thread:  URGENT REQUEST: Change the webpage please, Koen Martens
Indexes:  [Date] [Thread] [Top] [All Lists]