spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Re: -01pre5

2005-05-07 07:50:24
from [wayne] [Permanent Link] 
In <427C6B1E(_dot_)730E(_at_)xyzzy(_dot_)claranet(_dot_)de> Frank Ellermann 
<nobody(_at_)xyzzy(_dot_)claranet(_dot_)de> writes:


wayne wrote:


if you haven't bothered to make comments about the -00 draft
weeks ago, you really don't have much right to complain about
me releasing the -01 draft quickly.


I've reviewd -01pre2 nine weeks ago, and now -01pre5 up to line
631.  It's not about "complaining", it's about typos and minor
stuff before the "last call" and IESG review.


Yes, people who *have* commented on the -00 draft have some room to
say that they have a dispute about things I didn't apply.  In
particular, both Julian and you qualify, and I think Radu does also
since he did comment on the DNS load issues.  However, I think it is
reasonable to submit another I-D to the IETF soon, if for no other
reason that to show forward progress and prevent the old I-D from
timing out.




The "HELO PermError" found by Mark was interesting.  Or if you 
adopt Scott's "no include PermError" the Sendmail folks who've
apparently implemented the "include PermError" correctly might
get angry (see spf-help).


Yeah, that is an issue that I'm very concerned about getting right.






I know that John Levine has created test SPF records that
can cause problems if there isn't a timeout.


That's something I missed, do you have an example ?  How is
this possible if you evaluate a policy left to right ?  Bye.


try doing SPF queries on <anything>.slow.sp.am

e.g:

(wayne(_at_)footbone) $ time dig foo.slow.sp.am txt +short
foo.slow.sp.am.         2       IN      TXT     "v=spf1 
include:_ep.10.3e8e.foo.slow.sp.am -all"

real    0m6.128s
user    0m0.010s
sys     0m0.010s

(wayne(_at_)footbone) $ time spfquery -ip=1.2.3.4 
-sender=foo(_at_)bar(_dot_)slow(_dot_)sp(_dot_)am -helo=baz.slow.sp.am
unknown

spfquery: error in processing during lookup of domain of bar.slow.sp.am: 
Mechanisms used too many DNS lookups
Received-SPF: unknown (spfquery: error in processing during lookup of domain of 
bar.slow.sp.am: Mechanisms used too many DNS lookups) client-ip=1.2.3.4; 
envelope-from=foo(_at_)bar(_dot_)slow(_dot_)sp(_dot_)am; helo=baz.slow.sp.am;

real    3m20.339s
user    0m0.010s
sys     0m0.000s


Note that this spfquery doesn't have *any* timeouts...


-wayne
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Re: HELO versus MAILFROM results, Radu Hociung
Next by Date:  Re: NOT RECOMMENDED, wayne
Previous by Thread:  Re: -01pre5, Frank Ellermann
Next by Thread:  s/prefix/sign/ and 20 seconds for foo.slow.sp.am (was: -01pre5), Frank Ellermann
Indexes:  [Date] [Thread] [Top] [All Lists]