In
<Pine(_dot_)LNX(_dot_)4(_dot_)44(_dot_)0507072116370(_dot_)28326-100000(_at_)bmsred(_dot_)bmsi(_dot_)com>
"Stuart D. Gathman" <stuart(_at_)bmsi(_dot_)com> writes:
On Fri, 8 Jul 2005, Frank Ellermann wrote:
ip4:12.196.50.0/0 is the AFAIK same as ip4:0.0.0.0/0
probably not what they wanted, but syntatically okay.
Saying that it's incorrent could make sense, but I'm
not sure how your script decided this.
Would give a warning if host part is non-zero for an ip4.
libspf2 has long rejected a /0 as an invalid cidr value. It will also
reject a /33 for ip4: and /129 for ip6:.
When made that the regexp that checks SPF records, I found a few
things that the current ABNF in the spec doesn't match test suite.
One of them is the CIDR values are not checked for the ranges.
So, I was intending to update the spec from:
ip4-cidr-length = "/" 1*DIGIT
ip6-cidr-length = "/" 1*DIGIT
to, uh, something like this:
ip4-cidr-length = "/" ( %x31-%x39 / "1" DIGIT / "2" DIGIT
/ "3" %x30-%x32 )
ip6-cidr-length = "/" ( %x31-%x39 / DIGIT DIGIT
/ "10" DIGIT / "11" DIGIT /
/ "12" %x30-%x38 )
(I just typed created these ABNF rules, beware of bugs.)
This should require the CIDR lengths to be from 1-32 for ip4: and
1-128 for ip6:. It would reject /0, or /08, or /999999.
Is this something I should put into the spec?
Similarly, I was thinking of nailing down the marcro-variable's
"truncation transformer" (i.e. the number in %{l1r}). This value
needs to be at least one to make any sense and, due to limitations in
a DNS query, a maximum of 128. (You can't have more than 128 labels
in a DNS query.)
-wayne