In <42F85DF7(_dot_)7DC5(_at_)xyzzy(_dot_)claranet(_dot_)de> Frank Ellermann
<nobody(_at_)xyzzy(_dot_)claranet(_dot_)de> writes:
Richard Parker wrote:
that strikes me as strange.
Not really, if you have "v=spf1 a a a a a" it's five mechanisms
- we cannot expect implementations to "think" about such crap.
I think Richard's point is that those redundant "a" mechanisms don't
do anything useful, while "ptr:foo.com ptr:bar.com ptr:baz.com" does
do something useful. More over, you can't shorten up those ptr:
checks.
Is an SPF implementation expected to issues multiple
identical DNS PTR lookups on the server IP address if
there are multiple ptr mechanisms?
Sure, it's in the DNS cache, no problem. It's the purpose of a
cache to accelerate identical queries.
Yes, the DNS cache helps, but that doesn't really solve the problem
that the extra ptr: checks count against the DoS process limits.
-wayne