Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: SPF: Devel

Possible other RFC 4408 erratum (2.5.7): PermError due to macro expansion?

 

 

SPF devel RSS feed   Index | Next | Previous | View Threaded


julian at mehnle

Dec 3, 2007, 1:44 PM

Post #1 of 2 (1809 views)
Permalink
Possible other RFC 4408 erratum (2.5.7): PermError due to macro expansion?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Julian Mehnle wrote:
> > > As for real implementation behavior, Mail::SPF currently treats
> > > "a:foo..bar" as a simple mismatch.
> >
> > Wait a moment, I was talking about <target-name> foo..bar, are you
> > talking about a <directive> a:foo..bar ? Adjacent dots before the
> > macro expansion step directly written in a policy are a PermError,
> > aren't they ?
>
> I was talking about <target-name> = "foo..bar", but it's all the same,
> really. "a:foo..bar" is not a syntax error. In any case, according to
> RFC 4408, a PermError should not be thrown for that reason.

Uhmmmm, it just occurred to me that RFC 4408, 2.5.7[1] makes the following
disturbing statement:

| Be aware that if the domain owner uses macros (Section 8), it is
| possible that this [PermError] result is due to the checked identities
| having an unexpected format.

This implies that "a:%{h}" with HELO = "1.2.3.4" COULD be considered to
justify a PermError result. However, I think we better make an erratum
out of this, since there's probably not a single SPF implementation on
earth that actually performs another syntax check after macro expansion.

Comments?

References:
1. http://www.openspf.org/RFC_4408#op-result-permerror

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHVHjNwL7PKlBZWjsRAm1FAJ9KZGN2xmeZywKwmQItNVUHTKk2TwCgyx68
s+TppuLHVp7pyf/mYF9LcDs=
=7d+V
-----END PGP SIGNATURE-----

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/1007/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/1007/
Modify Your Subscription: http://v2.listbox.com/member/?member_id=1311533&id_secret=71620799-3d3612
Powered by Listbox: http://www.listbox.com


scott at kitterman

Dec 3, 2007, 2:22 PM

Post #2 of 2 (1689 views)
Permalink
Re: Possible other RFC 4408 erratum (2.5.7): PermError due to macro expansion? [In reply to]

On Monday 03 December 2007 16:44, Julian Mehnle wrote:
> Julian Mehnle wrote:
> > > > As for real implementation behavior, Mail::SPF currently treats
> > > > "a:foo..bar" as a simple mismatch.
> > >
> > > Wait a moment, I was talking about <target-name> foo..bar, are you
> > > talking about a <directive> a:foo..bar ? Adjacent dots before the
> > > macro expansion step directly written in a policy are a PermError,
> > > aren't they ?
> >
> > I was talking about <target-name> = "foo..bar", but it's all the same,
> > really. "a:foo..bar" is not a syntax error. In any case, according to
> > RFC 4408, a PermError should not be thrown for that reason.
>
> Uhmmmm, it just occurred to me that RFC 4408, 2.5.7[1] makes the following
>
> disturbing statement:
> | Be aware that if the domain owner uses macros (Section 8), it is
> | possible that this [PermError] result is due to the checked identities
> | having an unexpected format.
>
> This implies that "a:%{h}" with HELO = "1.2.3.4" COULD be considered to
> justify a PermError result. However, I think we better make an erratum
> out of this, since there's probably not a single SPF implementation on
> earth that actually performs another syntax check after macro expansion.
>
> Comments?
>
> References:
> 1. http://www.openspf.org/RFC_4408#op-result-permerror
>
I'd say possible ~ MAY and so it's right either way. No need for erratum.

Scott K

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/1007/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/1007/
Modify Your Subscription: http://v2.listbox.com/member/?member_id=1311533&id_secret=71632746-295c2f
Powered by Listbox: http://www.listbox.com

SPF devel RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.