Mailing List Archive

On Thu, 6 Dec 2007, Julian Mehnle wrote:

> I added it in revision 94 of the test-suite trunk:
>
> http://www.openspf.org/source/project/test-suite/rfc4408-tests.yml?view=log
>
> If no one objects, I'll make a new test-suite release of those and
> Stuart's changes in a week or so.

+ e14.example.com:
+ - SPF: v=spf1 a:example..com

There was already a test for this: invalid-domain-empty-label. It currently
allows for either ignoring the empty label, or permerror. If there is an
official errata requiring nomatch instead of permerror, then simply change
the result set of the existing test. Or were you concerned about
2 adjacent dots vs 3?

+ e5a.example.com:
+ - SPF: v=spf1 a:museum

This seems to be not redundant. However, it seems unintuitive to me that
example..com must be ignored, but museum gets a permerr.

+ e11.example.com:
+ - SPF: v=spf1 exists:%{i}.%{l2r-}.user.%{d2}
+ 1.2.3.4.gladstone.philip.user.example.com:
+ - A: 127.0.0.2

Good, but the actual failing example in the field used %{l1r-}. Shouldn't
we use that?

--
Stuart D. Gathman <stuart@bmsi.com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/1007/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/1007/
Modify Your Subscription: http://v2.listbox.com/member/?member_id=1311533&id_secret=73242648-ba7609
Powered by Listbox: http://www.listbox.com

On Thu, 6 Dec 2007, Stuart D. Gathman wrote:

> + e5a.example.com:
> + - SPF: v=spf1 a:museum
>
> This seems to be not redundant. However, it seems unintuitive to me that
> example..com must be ignored, but museum gets a permerr.

How about this case:

Result: pass ?

e5b.example.com:
- SPF: v=spf1 a:museum.

--
Stuart D. Gathman <stuart@bmsi.com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/1007/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/1007/
Modify Your Subscription: http://v2.listbox.com/member/?member_id=1311533&id_secret=73252781-37bb10
Powered by Listbox: http://www.listbox.com

Julian Mehnle wrote:
> Julian Mehnle wrote:
>> Philip Gladstone wrote:
>>> Can I get a test case added to the SPF test suite that deals with the
>>> problematic situation in my SPF record.
>>>
>>> In particular I have the following piece:
>>>
>>> -exists:%{i}.%{l1r-}.user.%{d}
>>>
>>> [...]
>> We can add a test case to the test suite easily [...]
>
> I added it in revision 94 of the test-suite trunk:
>
> http://www.openspf.org/source/project/test-suite/rfc4408-tests.yml?view=log
>
> If no one objects, I'll make a new test-suite release of those and
> Stuart's changes in a week or so.

I just ran the testsuite r94 against jSPF and all tests pass.

Stefano


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/1007/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/1007/
Modify Your Subscription: http://v2.listbox.com/member/?member_id=1311533&id_secret=73351673-a890f0
Powered by Listbox: http://www.listbox.com

Stuart D. Gathman wrote:

> + e14.example.com:
> + - SPF: v=spf1 a:example..com

> There was already a test for this: invalid-domain-empty-label.
> It currently allows for either ignoring the empty label, or
> permerror. If there is an official errata requiring nomatch
> instead of permerror, then simply change the result set of
> the existing test.

IMO we have a (last *1) pending erratum in this direction, this
could be joined with Julian's recent proposal if it's about the
same problem.

> + e5a.example.com:
> + - SPF: v=spf1 a:museum

> This seems to be not redundant. However, it seems unintuitive to
> me that example..com must be ignored, but museum gets a permerr.

We have a "one dot required" syntax rule. IIRC it was not only an
attempt to mirror the soon obsolete 2821 syntax, we need it to find
the CIDR in a <domain-spec>. A result of MARID, where a friend of
Mark cried foul after a getting "parser yamming" with flex or yacc.

Let's accept the musem PERMERROR as oddity, please. I've removed
my unconfirmed and related "TLD is a valid domain" erratum based
on what 2821bis does (permit TLDs). So far the DNS folks didn't
complain: Maybe it's irrelevant if DNS queries for "oemcomputer"
are indirectly "permitted" by 2821bis, if MTAs did this anyway,
no matter what 2821 said. <shrug />

Frank

1: "last erratum" as in "I just moved emty exp to approved", with
an edit history comment hinting that public support by Scott,
Julian, you, and me is a kind of "SPF Council approval".

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/1007/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/1007/
Modify Your Subscription: http://v2.listbox.com/member/?member_id=1311533&id_secret=73670357-4cdd81
Powered by Listbox: http://www.listbox.com