spf-discuss
[Top] [All Lists]

RE: Validator Testing Request

2005-08-08 07:59:56
On Mon, 8 Aug 2005, Herb Martin wrote:

I'm tempted to take off the note that says it doesn't support 
macros, but I'd appreciate some additional testing first.

(Top dialog): learnquick.com 
Does my domain already have an SPF record? What is it? Is it valid?
<some results>
evaluating...
Results - PermError SPF Permanent Error: Too many DNS lookups 

My zone has passed other validators -- would you please tell me
if this is an issue with your validator, my records, or even
if valid are my records just too complicated for my own good?

The draft RFC has strict processing limits.  One of the limits
is a max of 10 DNS lookups.  Includes can quickly rack up those
lookups.  Earlier drafts said receivers must process at least 10
lookups.  Many implementations would do quite a bit more.  Mine would
do 40.  My current thinking is to accept the mail if "extended"
processing (additional lookups) produces a pass, but send a DSN to the sender
(subject to the usual ratelimiting etc) complaining about the complex record.

There was quite a bit of debate over what the limits should be.  Some
of us wanted larger strict limits, but those arguing for a smaller limit
challenged us to show an example where the complex SPF record was actually
needed.  Months of trying failed to produce such an example - all the
attempts were simplified to fit in the strict limit.  Hopefully, they
will make similar suggestions for yours.

If you are using include as an organizing tool, Wayne has a tool as part of
libspf2 that will "compile" a complex SPF to a simple one by inlining
include, translating A,MX to IP4, etc.  The result has a TTL with the
smallest TTL of DNS records fetched during the compile, but can be
given a longer TTL if you don't expect to change those other aspects.


-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.