spf-discuss
[Top] [All Lists]

Re: Re: Validator Testing Request

2005-08-09 09:34:06
In 
<Pine(_dot_)LNX(_dot_)4(_dot_)44(_dot_)0508091128580(_dot_)21992-100000(_at_)bmsred(_dot_)bmsi(_dot_)com>
 "Stuart D. Gathman" <stuart(_at_)bmsi(_dot_)com> writes:

On Tue, 9 Aug 2005, Stuart D. Gathman wrote:

Exactly.  There is only ever on PTR record looked up on an SPF query.  

[...]          There can be multiple PTR records for the IP.  Sure, they
can usually all be returned in the same packet, but an implementation
might not validate the names until they match a mechanism.  In which
case PTR should count as 1 each - just like the spec says - because each
matching PTR will cause an A record lookup to validate.  [...]

True, but there are two cases:

1) The ptr: mechanism matches, in which case the evaluation of the SPF
   record finishes.

2) The ptr: mechanism doesn't match, in which case all the PTR RRs
   will be checked.  (Ok, at most 10 PTR RRs, but it will remain the
   same throughout.)


So, if you ever hit a second ptr: mechanism, you are going to have
done all the DNS lookups already.


-wayne