spf-discuss
[Top] [All Lists]

Re: Draft ammendments on DNS lookup limits

2005-03-18 15:04:03
Scott Kitterman wrote:
OK.  I'd have to figure out how to get the updated record (from flatten)
published, but I imagine that's manageable.

I use a zone template file, and using a Makefile I can update it any
time anything in my zone changes. This system works very well.

I don't think that my situation is to far outside the norm, so I do think
your limits are a bit low.  Basically it seem that you want almost everyone
with anything other than the simplest of situations to have to go to the
added complexity of compiling and updating the record.  I'd say start with a
higher limit and then push to have it reduced over time.  If you start with
the limit to low (and I think 10 is to low), you'll just drive people away.
If efficiency is really required, people will push for it, but I think it's
really to soon to know if it's a major issue.  Heck, if it's a really big
problem, we'll all probably end up using CSV.

Well, I think whatever limit we chose now, will remain the limit for the rest of time. It will be much more difficult to change it later than to do the "right thing" from the beginning.


Now, looking at your results, some things seem amiss.  Here's my current
record:


Thank you for looking into the results more closely. I did the
following massaging to the ouput of the utility, and thus I added
a couple of extra 'bugs':

- formatted the text for inclusion in email.
- manually added the # of queries based on a quick visual
  inspection. It seems I did it wrong. The release version of the
  utility will automatically evaluate the resulting record, but
  it does not do it yet.

The spfcompile program needs more work, and I could use some
beta-testing help. I would have not included its output if I
werent' challenged to show a less expensive record.

I think your megapath ISP should be smacked for needlessly
publishing such an expensive record. Their compiled record looks
like this:

spfcompile -sender s(_at_)megapathdsl(_dot_)net

  Compiled record (10 mechs, len 155):

  v=spf1 ip4:66.80.60.21 ip4:66.80.60.20 ip4:66.80.60.31
  ip4:66.80.60.30 ip4:66.80.60.32 ip4:66.80.60.37 ip4:66.80.60.36
  ip4:66.80.60.38 ip4:66.80.130.3 -all


Suposedly they are in control of all their servers, so they can list
their IPs, instead of references to them.

Regards,
Radu.

PS. You're right, I did not spend much time looking at your SPF record.

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Read the whitepaper!  http://spf.pobox.com/whitepaper.pdf
To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

Attachment: radu.vcf
Description: Vcard