You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by Norman Maurer <nm...@byteaction.de> on 2006/07/16 15:56:48 UTC
SPF and maximum dns lookups per record ( includes)
Hi guys,
we developed a java implementation for spf called jSPF. Version 0.9b1
wil be released next week if nothing goes wrong.. Now someone open a bug
report which report us that microsoft.com return a permError cause the
maximum includes of 10 is to less.. But i think the bugreport is invalid
cause the specs are really clear on this..
What you guys think about it ?
Here is the bugreport:
http://issues.apache.org/jira/browse/JSPF-21?page=all
Any feedback whould be cool.
Re: SPF and maximum dns lookups per record (includes)
Posted by Julian Mehnle <ju...@mehnle.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Norman Maurer wrote:
> we developed a java implementation for spf called jSPF. Version 0.9b1
> wil be released next week if nothing goes wrong.. Now someone open a bug
> report which report us that microsoft.com return a permError cause the
> maximum includes of 10 is to less.. But i think the bugreport is invalid
> cause the specs are really clear on this..
You are absolutely correct, the microsoft.com records are invalid -- hard
to believe but true. And I think it is important that implementations and
their users NOT begin to weaken their lookup limits, because otherwise
more and more domains will begin to ignore the lookup limits, in turn
again causing other implementations to have to raise, or entirely get rid
of, their limits.
The limits are a necessary evil that serve the purpose of mitigating the
risks of DoS attacks.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEumiKwL7PKlBZWjsRArTQAKCaDdwnHOSohBNLakaKET96L4dakQCgipo0
b3PGl33bA9oMVM8vxXTRY3I=
=QUeU
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: [spf-devel] Re: SPF and maximum dns lookups per record
(includes)
Posted by Norman Maurer <nm...@byteaction.de>.
>
> Norman Maurer wrote:
> > we developed a java implementation for spf called jSPF. Version 0.9b1
> > wil be released next week if nothing goes wrong.. Now someone open a bug
> > report which report us that microsoft.com return a permError cause the
> > maximum includes of 10 is to less.. But i think the bugreport is invalid
> > cause the specs are really clear on this..
>
> You are absolutely correct, the microsoft.com records are invalid -- hard
> to believe but true. And I think it is important that implementations and
> their users NOT begin to weaken their lookup limits, because otherwise
> more and more domains will begin to ignore the lookup limits, in turn
> again causing other implementations to have to raise, or entirely get rid
> of, their limits.
I fully agree.. if is in RFC we should not "break" it.
>
> The limits are a necessary evil that serve the purpose of mitigating the
> risks of DoS attacks.
>
Thx for the reply.. i just wanted to get sure :-)
Thx
Norman