Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. SPF>
  3. Devel
Re: Digest 1.17 for spf-devel
administrator at yellowhead
Mar 2, 2004, 8:28 AM
Post #1 of 1 (677 views)
Permalink
At 07:58 AM 3/2/2004 -0500, you wrote:
>From: Meng Weng Wong <mengwong@dumbo.pobox.com>
>Subject: Re: [spf-discuss] SPF Server (DMP-style)
>Date: Fri, 27 Feb 2004 13:34:35 -0500
>
>We should move this thread to spf-devel.
>
>On Fri, Feb 27, 2004 at 10:56:48AM -0700, administrator@yellowhead.com wrote:
>| I am comtemplating writing an SPF Server program to offload some of the
>| functionality of SPF from the MTA. It would operate very much in the way
>| that a Black List server operates. Queries would be in the form:
>|
>| 4.214.8.207.v2.listbox.com
>
>This sounds good, but there might be a problem with SPF domains that use
>per-user macros like %{l}, so the full query needs to be preserved.
>
>| It would maintain a dynamic cache with a fairly long TTL and respond to DNS
>| type queries with:
>|
>| SPFPass - No Record Found
>| SPFFail - 127.0.0.2
>| SPFNeutral - 127.0.0.4
>| SPFSoftFail - 127.0.0.8
>| SPFNone - 127.0.0.16
>| SPFUnknown - 127.0.0.16
>| SPFError - 127.0.0.32
>
>No record found should be SPFNone, SPFPass should be coded.
>
>| The MTA would then react in whatever manner it would be configured to
>| respond. It is already partially developed.
>
>libspf-alt has a binary-format caching mechanism, you might want to look
>at that also.
>
****************** REPLY SEPARATER ******************
Actually, that is the way that Black List servers work (only this is a
white list server). No Record Found (not an error or no SPF record found)
is normally used to signify an IP is not listed and is OK to accept. In
this case it would be used to signify that it is listed and OK to accept.
<127.0.0.2> and it's derivations would be used to identify why the record
is not listed. Failure to respond would be treated as SPFUnknown.

Work is moving along, but I have run into a snag on testing this thing with
Sendmail. How do I configure Sendmail to send a DNSbl query using the
Envelope sender instead of the normal Black List host name. DNSbl queries
are usually sent at the check_relay stage which occurs before the
check_mail stage. Is this even possible without modifications?

J.A. Coutts

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@Ë`Ì{5¤¨wâÇSÓ°)h

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal