spf-discuss
[Top] [All Lists]

Re: [spf-discuss] Re: Softfail when spf-checking mails from this list, max_dns_mx=5

2007-03-15 09:25:53
On Thursday 15 March 2007 11:46, Thomas Jacob wrote:
Surely you have considered this, but what is the rationale for pushing
to distributions SPF implementations that are not known, according to
<http://www.openspf.org/Implementations>, to fully comply with rfc
4408?

What exactly are the things that lead to non-compliance? Are they
listed somewhere?

No.  The problem is that libspf2 was completed before RFC 4408 were published.

There are two areas that I know of where it is non-compliant:

1.  Result names - libspf2 still uses the pre-RFC result names of unknown and 
error.  In RFC 4408 terms unknown = permerror and error = temperror.

2.  Processing limits - unlike other pre-RFC 4408 libraries, libspf2 at least 
uses the same processing limit structure (other libraries used a recursion 
depth limit) and so if someone would evaluate that code it should be 
relatively straightforward to identify and patch libspf2 to align it to RFC 
4408 (as your patch did with MX limits), but no one has done a review of all 
the limits to determine what all the required changes are.

There are probably others, but they are likely all low probability corner 
cases.

Will the package documentation point out that it does or does not
comply fully with the specification or has or has not passed the
current test suite?

The output of this test suite maybe?

The current test suite requires a library specific driver that no one has 
written for libspf2, and so this is unknown.  There is a test suite for 
libspf2, but it is based on pre-RFC requirements (the relevant tests from it 
were brought forward into the current test suite).

BTW don't we want to read "comply" where "conform" is written in

        ... there are currently two library implementations that are
        known to _fully conform_ to the final SPFv1 specification (RFC
        4408)

I'm trying to understand the difference between "comply" and "fully
conform"
in this context (my native language not being English), could you
please shed some light on that?

Well, English is my native language and I don't know what he was getting at 
either.

Scott K

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735

<Prev in Thread] Current Thread [Next in Thread>