spf-discuss

RE: RE: MX/PTR Max Lookup error

2005-07-19 11:20:35
-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Stuart D. Gathman
Sent: Tuesday, July 19, 2005 2:13 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Cc: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] RE: MX/PTR Max Lookup error


On Tue, 19 Jul 2005, Scott Kitterman wrote:

I think PermError is the right answer, but I guess I'd like to know what the
consensus is here and then Wayne can figure out if he should/can clarify the
text.

I moved the limit check to the dns_mx and validate_ptr methods.
The generic dns method was the wrong place for it.  I also changed it
to ignore MX records past the limit rather than raise PermErr as
recommended by Frank and Wayne, but I can change that back depending on how
things are clarified.  I like your interpretation better since the result
is deterministic.  But I have to admit that the spec sounds more like
Frank's interpretation, despite the quantum mechanical flavor of the
result.  With Frank's version, you could have an mx/24, and it would work
fine with 40 MX records provided they are all in the same /24 subnet.
With your version, you would be unable to use the mx (or ptr) mechanism
in your SPF record if it had more than 10 records.

Even with your version, the results become somewhat stochastic when MX/PTR
records have been recently added/removed, and may or may not be in various
caches.

--
I think Wayne's post clears it up.  I had it wrong and will propose a
small clarifying patch for the spec.  I wish it were the other way around,
but I gather it's not.

Scott K
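
The two readings of the limit discussed in this thread, shown as an added illustration that is not part of the original messages or of any SPF library's code: a simplified `mx` evaluator run over a constructed DNS table. The host names, addresses, the `strict` flag and the function names are assumptions made for the example; the limit of 10 is the figure quoted above.

```python
import ipaddress

MAX_MX = 10  # per-mechanism MX limit quoted in the thread

class PermError(Exception):
    pass

def mx_match(client_ip, mx_hosts, a_records, cidr=32, strict=False):
    """Evaluate a simplified "mx" mechanism against client_ip.

    mx_hosts:  MX target names in the order the resolver returned them.
    a_records: constructed name -> [IPv4 address] table standing in for DNS.
    strict=True:  more than MAX_MX records raises PermError.
    strict=False: records past the limit are silently ignored.
    """
    if len(mx_hosts) > MAX_MX:
        if strict:
            raise PermError("more than %d MX records" % MAX_MX)
        mx_hosts = mx_hosts[:MAX_MX]
    client = ipaddress.ip_address(client_ip)
    for host in mx_hosts:
        for addr in a_records.get(host, []):
            net = ipaddress.ip_network("%s/%d" % (addr, cidr), strict=False)
            if client in net:
                return True
    return False

# Constructed data: 40 MX hosts, all inside 192.0.2.0/24.
HOSTS = ["mx%d.example.com" % i for i in range(40)]
A = {h: ["192.0.2.%d" % (i + 1)] for i, h in enumerate(HOSTS)}

def demo():
    results = {}
    # mx/24: any ten of the 40 records already cover the whole /24.
    results["mx/24 truncate"] = mx_match("192.0.2.200", HOSTS, A, cidr=24)
    # Plain mx: 192.0.2.40 matches only if its host is among the first ten,
    # so the outcome depends on the order the resolver returned the records.
    results["mx truncate, order A"] = mx_match("192.0.2.40", HOSTS, A)
    results["mx truncate, order B"] = mx_match("192.0.2.40", HOSTS[::-1], A)
    # Strict reading: same answer regardless of record order.
    try:
        mx_match("192.0.2.40", HOSTS, A, strict=True)
    except PermError:
        results["mx strict"] = "PermError"
    return results

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, "->", outcome)
```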