Hi Peter,
I figured you were using original specs (as you indicated). Our parser is
still original specs based too, which is nearly 2 years old now. :-)
The question is whether a UNKNOWN should return a statement:
"X.X.X.X may send in the name of the domain."
and how receivers should handle "unknowns."
I believe, I havn't checked off hand, but Wayne's spec has this as PERMERROR.
All this is based on trying to get some level of consistency for receivers to
better handle the results and/do integrate with Rule Based Mail Filters.
I didn't check, does your "show details" show a possible resulting
"Received-SPF:" header?
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
----- Original Message -----
From: "Peter Karsai" <peter(_dot_)karsai(_at_)gmail(_dot_)com>
Newsgroups: spf.-.sender.policy.framework.discussion
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Saturday, August 27, 2005 3:56 AM
Subject: Re: [spf-discuss] Updated SPF validator and a new checker
Hi Hector,
The draft version that our SPF library works with
(http://www.libspf.org/files/spf-draft-200405.txt) says in Section 3.
SPF Record Evaluation that "If an SPF client encounters a syntax error
in an SPF record, it must terminate processing and return a result of
"unknown".".
The library does a reasonaly complete syntax validation on the SPF
policy string before the evaluation to make sure that the policy is OK
and the evaluation will not end with unexpected results. I believe
that we have to be strict on syntax, otherwise we will end up with
something like HTML browsers :)
Peter
On 8/26/05, Hector Santos <spf-discuss(_at_)winserver(_dot_)com> wrote:
Peter, I ran a few logged SPF results to test against your checker.
For one transaction I got on August 19:
IP: 199.237.55.172
CDN: yes.jcmanagementservices.com
RPD:
b-p0ckbcgbhbjd-iaagchg-000-(_at_)msg(_dot_)jcmanagementservices(_dot_)com
The SPF record is:
v=spf1 mx ptr a include
This results in a PASS because of the MX match.
Your checker indicates:
"199.237.55.172 may send in the name of the domain."
And the details indicates:
"SPF policy evaluation finished with SPF Unknown."
I retested this by changing the IP to see how it handled a bad IP.
IP: 199.237.55.173
and our systems returns a PERMERROR which I think is correct the INCLUDE is
incorrect.
But your checker says:
"199.237.55.173 may send in the name of the domain."
"SPF policy evaluation finished with SPF Unknown."
Shouldn't your checker throw an error on this? Not a pass?
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com