spf-discuss
[Top] [All Lists]

Re: [spf-discuss] Re: Which SPF implementation to choose?

2006-08-29 03:29:50
On Tue, Aug 29, 2006 at 09:52:09PM +1200, Craig Whitmore wrote:

With /0 you can talk about "all IPv4" or "all IPv6".  That
could be okay if it's intentionally different from "-all".

test16.spam.co.nz          v=spf1 ip4:0.0.0.0/0 -all
test17.spam.co.nz          v=spf1 ip4:0.0.0.0 -all

What should be the "correct" result with these testing with ip address 
1.1.1.1 ?

If /0 is OK, then:

16:  ip4:0.0.0.0/0 is a match, return "+"
17:  ip4:0.0.0.0 is not a match, continue with "-all"

else

16:  ip4:0.0.0.0/0 is an error
17:  ip4:0.0.0.0 is not a match, continue with "-all"

0.0.0.0 can only have 1 netmask (0) [...]

What about, for instance, 0.0.0.0/4 ?  This would allow any network
between 1.0.0.0/8 and 15.0.0.0/8

something like 1.1.1.1/0 should be invalid.

That would then count for any address/netmask pair who's masked out
part is not zero.  I think the last time we discussed this, the
outcome was that this should result in a warning during testing
but not in an error.  I could live with either.

Alex

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com