spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: When does the record end? was: SPF Validation Tools - Yet Another One

2005-07-19 12:55:07
from [Scott Kitterman] [Permanent Link] 
-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Allyn 
Wade
Sent: Thursday, July 07, 2005 4:03 AM
Subject: RE: [spf-discuss] SPF Validation Tools - Yet Another One

Scott Kitterman wrote:


http://www.kitterman.com/spf/validate.html


This is a very interesting looking tool!

I tried it for one of the test domains under spf1-test.mailzone.com, which
has a couple of problems, and it did seem to confuse parts of the tool.

For Domain Name I entered "99.spf1-test.mailzone.com", and pressed the "Get
SPF record" button.  Here's what I got:


...


Now I think this is OK (given the ambiguous nature of record evaluation -
the "moo" would cause my SPF implementation to return PermError, but I'm
guessing the python implementation just goes left to right, and never sees
"moo").

The reason I picked on this particular record, is that, apart from the
"moo", it has, indirectly, another slight problem - the TXT record for the
exp= domain (99txt.spf1-test.mailzone.com) contains a syntax error (it uses
an undefined macro letter, "u").

That seems a bit subtle, and I didn't really expect the tool to
notice/care,
but I was just curious.


This turned out to be a very interesting test.  Thanks to this, pySPF will
now correctly error on undefined macros and ignore exp strings that have
errors in them.

I'm still a bit uncertain what to do about 'moo'.

I look at:

http://www.schlitt.net/spf/spf_classic/draft-schlitt-spf-classic-02.html#anc
hor20

"4.6. Record Evaluation

After one SPF record has been selected, the check_host() function parses and
interprets it to find a result for the current test. If there are any syntax
errors, check_host() returns immediately with the result "PermError".

Implementations MAY choose to parse the entire record first and return
"PermError" if the record is not syntactically well formed. However, in all
cases, any syntax errors anywhere in the record MUST be detected."

And I know that I MUST detect all syntax errors anywhere in the record, but
I'm not 100% sure what in the record means...

I assume that it is meant to include all of the text returned by the TXT/SPF
record query and so 'moo' should be detected and a PermError result.

I might (because I don't want monkey with the pySPF processing any more than
I have to :0) also think that once I've gotten to all/redirect/exp, there is
no way there can be anything valid after that no matter what is actually
present, so why bother?

Is there any kind of risk associated with terminating processing of a record
once all mechanisms/modifiers have been evaluated?

Put another way, is there any value to processing 'moo' and determining it's
a syntax error?

Should the draft be more explicit about what 'in' the record means?  Can the
record end once there is no more data to process?

Scott K
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Re:MX/PTR Max Lookup error was( "/" inside an exists: domain-spec?), Scott Kitterman
Next by Date:  RE: Re: Test tool for type 99 was:"/" inside an exists: domain-spec?, Scott Kitterman
Previous by Thread:  RE: SPF Validation Tools - Yet Another One, Scott Kitterman
Next by Thread:  Re: When does the record end?, Frank Ellermann
Indexes:  [Date] [Thread] [Top] [All Lists]