james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Julian Mehnle <jul...@mehnle.net>
Subject Re: SPF and maximum dns lookups per record (includes)
Date Sun, 16 Jul 2006 16:25:45 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Norman Maurer wrote:
> we developed a java implementation for spf called jSPF. Version 0.9b1
> wil be released next week if nothing goes wrong.. Now someone open a bug
> report which report us that microsoft.com return a permError cause the
> maximum includes of 10 is to less.. But i think the bugreport is invalid
> cause the specs are really clear on this..

You are absolutely correct, the microsoft.com records are invalid -- hard 
to believe but true.  And I think it is important that implementations and 
their users NOT begin to weaken their lookup limits, because otherwise 
more and more domains will begin to ignore the lookup limits, in turn 
again causing other implementations to have to raise, or entirely get rid 
of, their limits.

The limits are a necessary evil that serve the purpose of mitigating the 
risks of DoS attacks.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEumiKwL7PKlBZWjsRArTQAKCaDdwnHOSohBNLakaKET96L4dakQCgipo0
b3PGl33bA9oMVM8vxXTRY3I=
=QUeU
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org


Mime
View raw message