It looks like SPF has the potential of being 1000X more efficient than CSV
in both number of DNS queries and cache sizes. I tried to bring this up on
the CSV mailing list, but they don't want to hear it. So I bring it up
here, in hopes of getting some check on my assumptions.

Assume:
    2,000 zombies, widely distributed
    50,000 emails from each zombie
    100,000,000 recipient addresses, widely distributed
    100,000 recipient domains
    3 hops from sender to receiver

Then:
    2000 senders --> 3 hops --> 100,000 receivers
    approx. 150,000 MTAs needing to authenticate

Scenario E1: All DNS queries to rr.com
    Total 150,000 queries, cached for 48 hours

Scenario E2: DNS queries to 1000 servers, widely distributed
    Typical server: serv138.austin.rr.com
    150,000 MTAs x 1000 servers = 150,000,000 queries !!
    Client caches are 1000X larger, and 1000X less likely to hit.

The CSV folks will insist on discussing the *worst case* for SPF, and that
looks like maybe 100X more queries than CSV, but even with all those
queries, the result is typically a few records for a sizable domain, so
caching should still be effective.

If I'm right, we really need a way to *strongly encourage* efficient SPF
records, while still allowing chained queries, if necessary.

--
Dave
************************************************************
* David MacQuigg, PhD        email: dmquigg-spf at yahoo.com *
* IC Design Engineer         phone: USA 520-721-4583       *
* Analog Design Methodologies                              *
*                            9320 East Mikelyn Lane        *
* VRS Consulting, P.C.       Tucson, Arizona 85710         *
************************************************************
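
An added example, not part of the original post: a small Python model of scenarios E1 and E2, scaled down to 150 MTAs, that counts the DNS queries missing each MTA's cache when the lookup key is the domain versus the individual host name. The uniform choice of sending host, the 1,000 messages per MTA (100,000,000 recipients / 100,000 domains), and the numbered serv<N> names are assumptions.

```python
import random


def simulate(n_mtas, n_hosts, msgs_per_mta, key, seed=1):
    """Count DNS queries that miss each receiving MTA's local cache.

    key(host_index) returns the name the MTA looks up for that sender.
    Cache entries are assumed to outlive the run (the post's 48-hour TTL).
    """
    rng = random.Random(seed)
    queries = 0
    largest_cache = 0
    for _ in range(n_mtas):
        cache = set()  # names this MTA has already resolved
        for _ in range(msgs_per_mta):
            # Assumption: each message comes from a uniformly chosen host.
            name = key(rng.randrange(n_hosts))
            if name not in cache:
                cache.add(name)
                queries += 1
        largest_cache = max(largest_cache, len(cache))
    return queries, largest_cache


def by_domain(host_index):
    # Scenario E1: one record answers for every host in the domain.
    return "rr.com"


def by_host(host_index):
    # Scenario E2: one record per sending host (constructed names).
    return f"serv{host_index}.austin.rr.com"


def compare(n_mtas=150, n_hosts=1000, msgs_per_mta=1000):
    e1_queries, e1_cache = simulate(n_mtas, n_hosts, msgs_per_mta, by_domain)
    e2_queries, e2_cache = simulate(n_mtas, n_hosts, msgs_per_mta, by_host)
    return {
        "e1_queries": e1_queries,          # one per MTA
        "e2_queries": e2_queries,          # up to n_mtas * n_hosts
        "e1_cache": e1_cache,              # entries held by the fullest cache
        "e2_cache": e2_cache,
        "upper_bound": n_mtas * n_hosts,   # the "MTAs x servers" product
    }


if __name__ == "__main__":
    print(compare())
```

In this model the MTAs x servers product is the ceiling for E2; the simulated count approaches it as the number of messages each MTA receives grows well past the number of sending hosts.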