On Tue, Aug 29, 2006 at 09:52:09PM +1200, Craig Whitmore wrote:
With /0 you can talk about "all IPv4" or "all IPv6". That
could be okay if it's intentionally different from "-all".
test16.spam.co.nz v=spf1 ip4:0.0.0.0/0 -all
test17.spam.co.nz v=spf1 ip4:0.0.0.0 -all
What should be the "correct" result with these testing with ip address
1.1.1.1 ?
If /0 is OK, then:
16: ip4:0.0.0.0/0 is a match, return "+"
17: ip4:0.0.0.0 is not a match, continue with "-all"
else
16: ip4:0.0.0.0/0 is an error
17: ip4:0.0.0.0 is not a match, continue with "-all"
0.0.0.0 can only have 1 netmask (0) [...]
What about, for instance, 0.0.0.0/4 ? This would allow any network
between 1.0.0.0/8 and 15.0.0.0/8
something like 1.1.1.1/0 should be invalid.
That would then count for any address/netmask pair who's masked out
part is not zero. I think the last time we discussed this, the
outcome was that this should result in a warning during testing
but not in an error. I could live with either.
Alex
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com