spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [spf-discuss] Re: Is best guess moronic?

2005-11-19 02:31:06
from [Mark] [Permanent Link] 


-----Original Message-----
From: william(at)elan.net [mailto:william(_at_)elan(_dot_)net]
Sent: zaterdag 19 november 2005 1:42
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: RE: [spf-discuss] Re: Is best guess moronic?

On Fri, 18 Nov 2005, Mark wrote:


You heard the hysteria... Now the facts from your SPF Council:

Mail::SPF::Query does NOT, by default, enable the 'best guess' mecha-
nism. Let me repeat that: NOT. And shouting real hard about it does
not make it so, either, btw. "guess", like "debug", "trusted", etc, is
a parameter that needs explicit setting; like so:

my $query = new Mail::SPF::Query (ip => "127.0.0.1", sender => '-
foo(_at_)example(_dot_)com', helo => "somehost.example.com", trusted => 1, 
guess
=> 1);


It does not matter if it by default enables it or not. The point is that
its in that code and the code is considered reference implementation.


Although 'best-guess' is in the package that does the reference
implementation, it is not performing these actions as part of the
reference implementation.


The only way to do it is to separate best guess code into separate perl
module that could be installed and could use the original module but
override its results in special cases like this buest guess when no SPF
record was present.


If you mean 'overriding package' in the Perl sense of, say,
Mail::SPF::Query::Extra, then that would indeed be a lot cleaner. But the
objections will be pretty much the same: people will say it was part of
SPF's 'official' package, and therefore needed to be removed.

If you meant 'overriding package' in the sense of entirely different
package, that just calls Mail::SPF::Query to examine its results, then
please understand that you would essentially have to do the SPF checks
twice: once for the 'reference implementation' call, and then another time
on "Fail", "None", etc, within the other package, to see whether there
were perhaps reasons, like being in trusted-forwarder.org, for returning a
"Pass" after all. I do not think I could find many folks who would find
that an elegant implementation. It then makes a lot more sense to inclue
those optional mechs as part of the first SPF lookup, inside
Mail::SPF::Query.

- Mark 
 
        System Administrator Asarian-host.org
 
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] Re: Is best guess moronic?, Scott Kitterman
Next by Date:  [spf-discuss] Re: Is best guess moronic?, Frank Ellermann
Previous by Thread:  RE: [spf-discuss] Re: Is best guess moronic?, william(at)elan.net
Next by Thread:  Re: [spf-discuss] Re: GMAIL mis-usage of SPF?, Scott Kitterman
Indexes:  [Date] [Thread] [Top] [All Lists]