julian at mehnle
Dec 3, 2007, 1:44 PM
Views: 1674
Permalink
|
|
Possible other RFC 4408 erratum (2.5.7): PermError due to macro expansion?
|
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Julian Mehnle wrote:
> > > As for real implementation behavior, Mail::SPF currently treats
> > > "a:foo..bar" as a simple mismatch.
> >
> > Wait a moment, I was talking about <target-name> foo..bar, are you
> > talking about a <directive> a:foo..bar ? Adjacent dots before the
> > macro expansion step directly written in a policy are a PermError,
> > aren't they ?
>
> I was talking about <target-name> = "foo..bar", but it's all the same,
> really. "a:foo..bar" is not a syntax error. In any case, according to
> RFC 4408, a PermError should not be thrown for that reason.
Uhmmmm, it just occurred to me that RFC 4408, 2.5.7[1] makes the following
disturbing statement:
| Be aware that if the domain owner uses macros (Section 8), it is
| possible that this [PermError] result is due to the checked identities
| having an unexpected format.
This implies that "a:%{h}" with HELO = "1.2.3.4" COULD be considered to
justify a PermError result. However, I think we better make an erratum
out of this, since there's probably not a single SPF implementation on
earth that actually performs another syntax check after macro expansion.
Comments?
References:
1. http://www.openspf.org/RFC_4408#op-result-permerror
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHVHjNwL7PKlBZWjsRAm1FAJ9KZGN2xmeZywKwmQItNVUHTKk2TwCgyx68
s+TppuLHVp7pyf/mYF9LcDs=
=7d+V
-----END PGP SIGNATURE-----
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/1007/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/1007/
Modify Your Subscription: http://v2.listbox.com/member/?member_id=1311533&id_secret=71620799-3d3612
Powered by Listbox: http://www.listbox.com
|
Possible other RFC 4408 erratum (2.5.7): PermError due to macro expansion?
