spf-discuss

RE: Validator Testing Request

2005-08-09 05:49:12
-----Original Message-----
From: Richard Parker [mailto:richard(_at_)electrophobia(_dot_)com]
Sent: Tuesday, August 09, 2005 2:28 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] Validator Testing Request


On Aug 8, 2005, at 10:17 PM, wayne wrote:
However, the ptr *does* count.  This ptr lookup is not the same as the
one in 1) because it refers to easydns.com, not cox.net.  Even if it
was the same, they would both count.

Thanks for the explanation Wayne, however that strikes me as
strange.  As I understand the spec the number of mechanisms and
modifiers that do DNS lookups is limited to 10.  But surely, since
any ptr mechanism after the first doesn't need to invoke an
additional PTR lookup, shouldn't they not count against the limit?
Multiple ptr mechanisms in a single SPF record presumably just cause
SPF to add the specified domains to the list of acceptable parent
domains for a single PTR lookup performed on the server IP address
(since this IP address doesn't change over the course of the SPF
record evaluation).  In the case of my example, the DNS PTR lookup at
step 2 should be sufficient for all ptr mechanisms.  Am I
misunderstanding something?  Is an SPF implementation expected to
issue multiple identical DNS PTR lookups on the server IP address if
there are multiple ptr mechanisms?

Because the context of how a mechanism is treated can vary, it is necessary
for implementations to break the record down into individual mechanisms and
process them individually.

The result of the earlier PTR lookups will be cached, so from a performance
perspective your particular case isn't especially worrisome, but trying to
track previous lookups and figure out whether or not to count them based on
whether or not an equivalent lookup has been done before would add
significant complexity to an implementation.

As it stands, there is a counter and each time a mechanism is hit that
causes a DNS lookup, the counter is incremented.  It's quite simple and
reliable.

Scott K
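
The counting rule described in the reply above, as an added example that is not part of the original thread and not taken from any SPF implementation. It assumes the set of DNS-querying terms listed in RFC 4408 section 10.1, counts a single record statically without following include/redirect or stopping at the first match, and uses hypothetical function names and constructed sample records.

```python
import re

# Terms that cause a DNS query when evaluated (RFC 4408, section 10.1).
LOOKUP_MECHANISMS = {"include", "a", "mx", "ptr", "exists"}
LOOKUP_MODIFIERS = {"redirect"}
MAX_DNS_TERMS = 10

# Optional qualifier, term name, then "=" (modifier), ":" or "/" (argument), or end.
TERM_RE = re.compile(r"^[+\-~?]?([A-Za-z][A-Za-z0-9_.-]*)(=|[:/]|$)")


def count_dns_terms(record):
    """Return the terms of one SPF record that count against the limit.

    Every lookup-causing term increments the counter, even when an
    identical DNS answer would already be in the resolver cache.
    """
    counted = []
    for term in record.split()[1:]:          # skip the "v=spf1" version tag
        m = TERM_RE.match(term)
        if not m:
            continue                          # unparseable term: not counted here
        name, sep = m.group(1).lower(), m.group(2)
        if sep == "=":
            hit = name in LOOKUP_MODIFIERS
        else:
            hit = name in LOOKUP_MECHANISMS
        if hit:
            counted.append(term)
    return counted


def check_limit(record):
    """Return ("ok" | "permerror", count) for a single record."""
    n = len(count_dns_terms(record))
    return ("permerror" if n > MAX_DNS_TERMS else "ok", n)


# Constructed sample records (not real published SPF data).
TWO_PTR = "v=spf1 ptr:example.net ptr:example.com a mx ip4:192.0.2.0/24 -all"
MANY_PTR = "v=spf1 " + " ".join(f"ptr:d{i}.example" for i in range(9)) + " a mx -all"

if __name__ == "__main__":
    for rec in (TWO_PTR, MANY_PTR):
        print(check_limit(rec), rec)
```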