Mailing List Archive: Macro

Macro

Mar 30, 2005, 11:48 PM

Post #1 of 4 (2203 views)

Uhh, forget to ask one detail :

If sender is someone@example.com
%{l} = 'someone'
%{d} = 'example.com'
%{o} = 'example.com'

But, if theresis 'include:example.org', when evaluating include ??

%{d} = 'example.com'

%{o} = 'example.org'

%{s} = 'someone@example.com'

%{l}@%{d} = 'someone@example.com'

%{l}@%{o} = 'someone@example.org'

That is right ?

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com

Re: Macro [ In reply to ]

nobody at xyzzy

Mar 31, 2005, 12:56 AM

Post #2 of 4 (2131 views)

Permalink

Dejan Petrovic wrote:

> If sender is someone@example.com
> %{l} = 'someone'
> %{d} = 'example.com'
> %{o} = 'example.com'

Yes, mnemonic "o = original domain, d = this domain".

> But, if theresis 'include:example.org', when evaluating
> include ??

> %{d} = 'example.com'
> %{o} = 'example.org'

Hm, exactly the opposite: %[s} is always the same as %{l}@%{o}

> %{s} = 'someone@example.com'

Yes.

> %{l}@%{d} = 'someone@example.com'

No, that's someone@example.org (a weird case)...

> %{l}@%{o} = 'someone@example.org'

...and that's the same as %{s} = someone@example.com

In the 1st checkhost() initialize s = sender = "MAIL FROM id.",
or s = sender = "postmaster@ HELO id." resp. Then extract
l = local part and o = original domain. Finally set d := o
and go. If checkhost() calls itself recursively simply set
d = domain of sender policy, but keep s = l@o as they were.

Bye, Frank

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com

Macro [ In reply to ]

dejanspf at ztbclan

Apr 3, 2005, 6:42 PM

Post #3 of 4 (2129 views)

Permalink

Im not sure when need to process macro :
Example:
"v=spf1 ip4:123.123.123.123 exists:%{d].something.example.com -all"

1. To transform macros before procesing mechanims ?
spfPolicy := transformMacro('v=spf1 ip4:123.123.123.123
exists:%{d].something.example.com -all')
In this case raise permError before process ip4 because macro is invalid

Or

2. To transform macros for each mechanism ?:
- checkSPFPolicy(transformMacro('ip4:123.123.123.123')) <- if this pass
newer raise error for second invalid macro
- checkSPFPolicy(transformMacro('exists:%{d].something.example.com'))
...

Tnx in advance
Dejan Petrovic

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com

Re: Macro [ In reply to ]

nobody at xyzzy

Apr 4, 2005, 4:10 AM

Post #4 of 4 (2120 views)

Permalink

Dejan Petrovic wrote:

> Im not sure when need to process macro :

AFAIK the idea of a "validating SPF implementation" is to catch
syntax errors a.s.a.p. So if you see a {%x} anywhere it's
clear that this is invalid, you'd throw PermError and give up.

> "v=spf1 ip4:123.123.123.123 exists:%{d].something.example.com
> -all"

Yes, that's a syntax error => PermError.

| Implementations MAY choose to parse the entire record first
| and return "PermError" if the record is not syntactically
| well formed. However, in all cases, any syntax errors
| anywhere in the record MUST be detected.

The MUST here is a bit obscure. Obviously you either look for
syntax error first (= MAY) and return PermError if something is
completely wrong.

Or you evaluate mechanisms left to right, and then if you got a
match for ip4:123.123.123.123 the result is PASS, because you
never see the broken exists: in this case.

The MUST actually means that you should never reach the "-all"
at the end (behind the broken exists:-mechaism).

In other words you MUST NOT ignore syntax errors when you see
them, return PermError, not FAIL.
Bye, Frank

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com