In
<Pine(_dot_)LNX(_dot_)4(_dot_)44(_dot_)0701101046400(_dot_)19707-100000(_at_)bmsred(_dot_)bmsi(_dot_)com>
"Stuart D. Gathman" <stuart(_at_)bmsi(_dot_)com> writes:
On Wed, 10 Jan 2007, Julian Mehnle wrote:
query for TXT records
if there aren't any valid SPFv1 records, then query for type99
proceed with record selection as per section 4.5
Yes, this is technically doing record selection twice, but that isn't
ruled out by RFC4408.
That is what pyspf does.
Good.
Interestingly, this is exactly the reverse of what Mail::SPF does, which
is:
query for SPF-type records
if there aren't any valid SPFv1 records, then query for TXT-type
proceed with record selection as per section 4.5
I don't recommend that because there are quite a few braindead
DNS servers which TIMEOUT for unknown record types. By checking
type 99 first, you get an long delay for the SPF check. While you
seem to have run into a TIMEOUT for type TXT, it is much more rare.
Yeah, I thought that was fairly obvious and well known. Checking for
type99 records is a performance problem, at best.
pyspf code has a note to switch to type 99 first when timeouts for
type 99 become less common.
I would also recommend not even checking for type99 records until
type99 records become more common.
-wayne
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735