Mailing List Archive

Simple question-- is there a particular reason libspf is preferred over
say, Christophe Saout's qmail patch?

thanks,
Sean


James Couzens wrote:
> libSPF v1.0 RELEASE CANDIDATE 4 is now available for download from
> http://libspf.org
>
> This is probably one of the most significant releases of libSPF to
> date. A great deal of time has been spent focusing on portability and
> through the addition of Autotools and with help from a variety of
> individuals libSPF now cleanly compiles on four separate architectures.
>
> The changelog is massive, but here are the highlights:
>
> Changelog:
>
> - Fixed SEGV in utility function UTIL_split_strr which ironically was
> discovered when Meng changed the SPF record published by pobox.com :D
> - Removed old spfquery due to annoying getopt dependency
> - Added new SPF Query Tool as API implementation example and test tool
> - New Architecture: PowerPC architecture support
> - New Architecture: SPARC architecture support
> - New OS: OSX/Darwin 10.3 support as a result
> - New OS: Solaris 8.0 and 9.0 for both x86 and SPARC
> - New OS: OpenBSD 3.5 [x86_64]
> - New GNU/Linux Distro supported: Fedora Core 1 [x86] Method: SRPM/RPM
> - New GNU/Linux Distro supported: Fedora Core 1 [x86_64] Method: SRPM/RPM
> - New GNU/Linux Distro supported: Fedora Core 2 [x86] Method: SRPM/RPM
> - New GNU/Linux Distro supported: Fedora Core 2 [x86_64] Method: SRPM/RPM
> - New GNU/Linux Distro supported: Red Hat 7.3 [x86] Method: SRPM/RPM
> - Autotools checks for libbind and libresolv
> - Added HOWTO for Sendmail to the MTA section of the documentation
> - Added 'Debugging libSPF' paper to the API section of the documentation
> - Added Doxygen API documentation tree
>
> As always please submit bugs, suggestions, comments, etc.. they are
> always welcome.
>
> This release had exceptional help from many people but most notably from
> Michael Weiner, Rob McMahon, and Troy D. Straszheim. Its awesome to see
> such strong support from the community, your time is greatly
> appreciated.
>
> Cheers,
>
> James
>

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com

On Thu, 2004-07-22 at 13:30, Sean wrote:

> Simple question-- is there a particular reason libspf is preferred over
> say, Christophe Saout's qmail patch?

Yes. Now of course this is my opinion, nothing more nothing less, so
here goes, but I warn you however I'm going to be long winded and
prattle for a moment here since I've got a rather large file transfer
moving across my local network and the intense I/O has rendered my
machine fairly useless for anything other than prattling :-)

It is my opinion that the smaller the code, the better. I'm sure you
are already thinking of a couple obvious reasons for this, but I'll
state a couple any ways, firstly though, some preamble to help explain
my opinion:

I have more faith in Qmail then I do any any other piece of software
second to that of only DJBDNS. By adding code to it, not authored by
DJB that faith is compromised. I don't know anyone with experience in
the administrative area of internet operations who can place the kind of
faith and trust that many of us do with the aforementioned software,
those two are pretty much the holy grail of trustworthy code.. Now we
don't live in a perfect world, and Dan isn't working on Qmail anymore,
however, thats not a BAD thing, its a GOOD thing. IMHO Qmail is the
tiniest most secure and modern MTA anyone could hope to run. Compiled
its barely over a megabyte in binaries AFTER my patch and some others.
That being said, Russell Nelson is a competent individual as is Cazabon
two of the individuals responsible for NetQmail and the patches that are
within.

So I've established that I believe Qmail to be rock solid. Well I will
tell you what, you wouldn't catch me dead running any of these heavily
patched offerings out there, I'd rather be hanging from a ferris wheel
with my pants around my ankles ;) Many people believe DJB to be some
kind of asshole, much like the reputation associated with Theo de Raddt,
and perhaps they are right, but someone has to play asshole or nothing
will ever get done right.

Now I had the fortune of spending a weekend with a bunch of OpenBSD
developers at a "hackathon" focused on PF a few weeks back. I being a
Linux monkey although being a user of OBSD, took a pretty good verbal
tarring and feathering relating to my association with all things
Penguin. If you think I've got an ego problem like Wayne seems to
believe, you need to go spend a an hour or two with a group of people
who say things you hate to hear, and are absolutely 100% RIGHT about
what they say. I have to say I walked away from there exceptionally
impressed at the level of commitment Theo gets from his developers, and
I absolutely loved the way they handle code. Confucius say less is
more. He knows when to say no, when to put his foot down, and whilst I
can't personally claim to enjoy being berated for unintentional
ignorance I can certainly say he knows what he's talking about and
doesn't appear waiver in opinion or to stray from principle. I take my
hat off to both DJB and to the entire OpenBSD team for their incredible
work.

Soo.... Take a peep in SPF-DISCUSS and enjoy the KOOK fest thats going
on these days... if its not "Oh but what about the children!", you've
got MS KOOK's yearning for "extensibility" and "features" leaving you
with more "features" *cough* bugs *cough* then you can shake a stick at,
code four times the size it should be, and so on and so forth. So?? So
whats IS my point!? Well... ...you made it this far, and I did warn you
I was going to be long winded, but I also promised a point.

My patch for Qmail is tiny, but a few lines of code which link an
external library that I was able to code in the manner that best suites
both my level of skill and my style. I HATE to say this, but its so
true, Qmail is disgusting looking code, and it pains me to even write in
that manner as you SHOULD maintain style when you modify someone else's
code it is advised by Kernighan & Pike*. I used by distaste of style as
motivation to keep my patch as minimal as possible.

I can't really give you a" use mine its better" speel, but I can offer
the following reasons why I use it instead of Christophe's:

1) Obviously I wrote it, and thus I use it, thats a given. Who would
use a piece of software written by someone when the author doesn't even
use it? Ok so, lets ignore that one and move on..

2) Its integration with Qmail is tiny, I dare say negligible, as I have
just attempted to illustrate, Qmail is practically perfect, the less
code you add, the more confidence can remain and the quicker you can
regain any confidence lost through such integration.

3) You can't easily debug the CSQP ("Christophe Saout's Qmail Patch").
This is certainly not true of libSPF! Not only can I have implicit
faith in Qmail through its solid "unmodified" 1.03 or 1.05 releases, but
I can thereby with strong confidence root through libSPF in search of an
issue having faith that I'm not wasting my time laying blame to the
wrong piece of code. The debugging code written into libSPF is
substantial, flexible, and IMO pretty good! If you are a developer you
might consider reading "Debugging libSPF" @
http://libSPF.org/debugging_libspf.pdf

4) I wrote libSPF to be as efficient as I possible through use of an
on-the-fly parser, to allocate memory only as much as was needed for any
given task, and to stray away from "features" that are unnecessary to
simply facilitate a little SPF parsing. I've run it through extensive
memory leak checkers, debuggers, and profilers. This is harder to do
when you are dealing with something integrated into Qmail. Because of
this Christophe's patch simply through the number of people writing in
DJBC in addition to using Qmail at the same time is extremely likely to
be far less then the number of people who have been through libSPF
because its of its confinement to ANSI standard, the benefits inherent
with any library, and through optional dynamic linking upgrades can
happen without ever altering Qmail code again since the API is locked
down and hasn't changed in quite some time. In addition through its
thoughtful configuration can easily be removed or tweaked from a running
MTA with a flick of a switch, and back again, all through fully taking
advantage of the native Qmail configuration mechanisms (control files
and TCPSERVER vars).

5) Lastly its covered by anyone's favorite license. Qmail's license
though quite open, also suffers from a clause that stipulates you can
not modify it in any way and or package it with another piece of
software. This is frustrating. Again, leading to LESS people testing
and running the software in question. On the other hand libSPF is
licensed with a modified version of the Apache license which was
intentionally worded to promote commercial implementation and use by
anyone anywhere for any reason completely FREE without want or worry.

Reasons why I could think to use the CSQP instead of libSPF would be
that his patch makes use of the internal DJBDNS library, memory and
string handling libraries possibly making his implementation faster then
libSPF. I can't really say since I have not performed any comparison
tests, but experience would lend me to believing that the scale is
likely tipped in the direction of the CSQP.

So I guess, try them both if you can't make up your mind, I say you
should use what makes the best sense for the goal you have in mind.
Right tool for the job right?

Hope I haven't bored you to death, I've only got another 350GB left to
go!

Cheers,

James


--
James Couzens,
Programmer
-----------------------------------------------------------------
http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBD3BF855

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com

On Fri, Jul 23, 2004 at 01:30:48PM -0700, James Couzens wrote:
> On Thu, 2004-07-22 at 13:30, Sean wrote:
>
> > Simple question-- is there a particular reason libspf is preferred over
> > say, Christophe Saout's qmail patch?
>
> Yes. Now of course this is my opinion, nothing more nothing less, so
> here goes, but I warn you however I'm going to be long winded and
> prattle for a moment here since I've got a rather large file transfer
> moving across my local network and the intense I/O has rendered my
> machine fairly useless for anything other than prattling :-)
>
> <SNIP>
>
> Hope I haven't bored you to death, I've only got another 350GB left to
> go!

This was actually quite entertaining :)

Ever thought of opening up a blog or something?? :)

Koen

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com

On Fri, 2004-07-23 at 13:53, Koen Martens wrote:
> On Fri, Jul 23, 2004 at 01:30:48PM -0700, James Couzens wrote:
> > On Thu, 2004-07-22 at 13:30, Sean wrote:
> >
> > > Simple question-- is there a particular reason libspf is preferred over
> > > say, Christophe Saout's qmail patch?
> >
> > Yes. Now of course this is my opinion, nothing more nothing less, so
> > here goes, but I warn you however I'm going to be long winded and
> > prattle for a moment here since I've got a rather large file transfer
> > moving across my local network and the intense I/O has rendered my
> > machine fairly useless for anything other than prattling :-)
> >
> > <SNIP>
> >
> > Hope I haven't bored you to death, I've only got another 350GB left to
> > go!
>
> This was actually quite entertaining :)
>
> Ever thought of opening up a blog or something?? :)

This isn't my own personal blog?!?! ;)

Cheers,

James

--
James Couzens,
Programmer
-----------------------------------------------------------------
http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBD3BF855

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com