Martin G. Diehl wrote:
I had seen messages mentioning cases where perhaps 100
DNS transactions would be needed to get the SPF record
That's another issue. If you have the SPF record, it can
contain stuff like IPs or "all" interpreted directly, or
"mx", "ptr", "a" resulting in further DNS queries. Plus
special cases like "redirect=" where you'd fetch another
SPF record (= another DNS query).
These evaluations are limited to 10 additional queries,
allowing 10 MX per "mx and 10 PTRs per "ptr", so that the
worst case is 1 (1st query) + 10 (mechanisms) + 10 * 10
(max. MXs or PTRs if all mechanisms were "mx" or "ptr").
Maybe Wayne tunes this in draft 01-pre??. Maybe he tells
us what he's doing. The IETF is in its 62nd meeting, no
new I-Ds published at the moment.
Bye, Frank