Skip Menu |

This queue is for tickets about the Mail-SPF CPAN distribution.

Report information
The Basics
Id: 107112
Status: open
Priority: 0/
Queue: Mail-SPF
People
Owner: Nobody in particular
Requestors: sebastiaanlokhorst [...] gmail.com
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Tue Sep 15 15:34:06 2015 sebastiaanlokhorst [...] gmail.com - Ticket created
Subject: max_void_dns_lookups goes against RFC 4408
Date: Tue, 15 Sep 2015 21:33:55 +0200
To: bug-Mail-SPF [...] rt.cpan.org
From: Sebastiaan Lokhorst <sebastiaanlokhorst [...] gmail.com>
Hi, The documentation about the max_void_dns_lookups option suggests that RFC 4408 says something about "void DNS lookups". The RFC only says that the total number of DNS lookups should be limited to 10. So, by using this option, the SPF-check is not RFC-compliant, because it will permerror before reaching 10 lookups. I suggest the default for this option should be undef. Thanks! Sebastiaan
  Tue Sep 15 18:45:58 2015 JMEHNLE [...] cpan.org - Correspondence added
Show quoted text
> The documentation about the max_void_dns_lookups option suggests that RFC > 4408 says something about "void DNS lookups". > The RFC only says that the total number of DNS lookups should be limited to > 10. > > So, by using this option, the SPF-check is not RFC-compliant, because it > will permerror before reaching 10 lookups. > > I suggest the default for this option should be undef.
The reference to "RFC 4408, 10.1, paragraphs 6 and 7" refers only to "DNS-active terms", not to "void DNS lookups". I'll grant that the wording is ambiguous and should be clarified to say that this limit is not native to RFC 4408. Note, however, that the default was undef for years and it turned out to be a bad idea, which is why it was finally changed to 2. Also note that this concept exists in RFC 7208 (the official successor to RFC 4408) and has a suggested threshold of 2: https://tools.ietf.org/html/rfc7208#section-11.1
  Tue Sep 15 18:45:58 2015 The RT System itself - Status changed from 'new' to 'open'
  Wed Sep 16 00:07:17 2015 sebastiaanlokhorst [...] gmail.com - Correspondence added
Subject: Re: [rt.cpan.org #107112] max_void_dns_lookups goes against RFC 4408
Date: Wed, 16 Sep 2015 06:07:02 +0200
To: bug-Mail-SPF [...] rt.cpan.org
From: Sebastiaan Lokhorst <sebastiaanlokhorst [...] gmail.com>
Show quoted text
> > The reference to "RFC 4408, 10.1, paragraphs 6 and 7" refers only to > "DNS-active terms", not to "void DNS lookups". I'll grant that the wording > is ambiguous and should be clarified to say that this limit is not native > to RFC 4408. Note, however, that the default was undef for years and it > turned out to be a bad idea, which is why it was finally changed to 2. > > Also note that this concept exists in RFC 7208 (the official successor to > RFC 4408) and has a suggested threshold of 2: > https://tools.ietf.org/html/rfc7208#section-11.1
I did not know about RFC 7208. It is indeed very clear about this. My only request would be that you update the documentation, and refer to RFC 7208, so this will be clear to everyone. Thank you very much for this clarification and for developing this module!