In
<Pine(_dot_)LNX(_dot_)4(_dot_)44(_dot_)0508091128580(_dot_)21992-100000(_at_)bmsred(_dot_)bmsi(_dot_)com>
"Stuart D. Gathman" <stuart(_at_)bmsi(_dot_)com> writes:
On Tue, 9 Aug 2005, Stuart D. Gathman wrote:
Exactly. There is only ever on PTR record looked up on an SPF query.
[...] There can be multiple PTR records for the IP. Sure, they
can usually all be returned in the same packet, but an implementation
might not validate the names until they match a mechanism. In which
case PTR should count as 1 each - just like the spec says - because each
matching PTR will cause an A record lookup to validate. [...]
True, but there are two cases:
1) The ptr: mechanism matches, in which case the evaluation of the SPF
record finishes.
2) The ptr: mechanism doesn't match, in which case all the PTR RRs
will be checked. (Ok, at most 10 PTR RRs, but it will remain the
same throughout.)
So, if you ever hit a second ptr: mechanism, you are going to have
done all the DNS lookups already.
-wayne