spf-discuss
[Top] [All Lists]

RE: MX/PTR Max Lookup error

2005-07-19 11:13:22
On Tue, 19 Jul 2005, Scott Kitterman wrote:

I think PermError is the right answer, but I guess I'd like to know what the
consensus is here and then Wayne can figure out if he should/can clarify the
text.

I moved the limit check to the dns_mx and validate_ptr methods.  
The generic dns method was the wrong place for it.  I also changed it
to ignore MX records past the limit rather than raise PermErr as
recommended by Frank and Wayne, but I can change that back depending on how
things are clarified.  I like your interpretation better since 
the result is deterministic.  But I have to admit that the spec sounds
more like Franks interpretation, despite the quantum mechanical flavor
of the result.  With Franks version, you could have an mx/24, and it
would work fine with 40 MX records provided they are all in the same
/24 subnet.  With your version, you would be unable to use the mx
(or ptr) mechanism in your SPF record if it had more than 10 records.

Even with your version, the results become somewhat stochastic
when MX/PTR records have been recently added/removed, and may or may not
be in various caches.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.