[Mimedefang] check for "null SPF entries" only
Steffen Kaiser
skmimedefang at smail.inf.fh-bonn-rhein-sieg.de
Wed Feb 24 09:07:29 EST 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
I was logging SPF results, basically made by:
my $q = new Mail::SPF::Query (
sender => $lcSender,
ip => $relay,
helo => $Helo,
myhostname => $me,
);
my $r = ($q->result())[4];
I noticed that lots of users have forwarded mail resulting the query to
return "fail".
So I got the idea to not act on fail, but on "null SPF entries" only.
E.g. to bounce the mail only if
$r->{spf_record} =~ /\Av=spf\S+\s+-all\z/ && $r->{result} eq 'fail'
Does somebody know of a SPF implementation that only checks for "null SPF
entries", aka "v=spf1 -all"? But does support, probably, TXT/SPF RRs and
v=spf2.0 as well?
The idea simply is to avoid unnecessary DNS requests, recursions and
matching, because there is none, except the SPF / TXT retrieval. Maybe
somebody has some statistics about the impact of "complex" SPF rules, how
many are there etc.pp.
Regards,
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS4UypEgddVksjRnHAQIPZAgAzEHiV09p93Ggh2dgWYAn483Guv85jRFg
rZTrVjH+tv1+RX4+UzvVwhbqdZGlJN9nW0X+GriwqgTfjLmEqnw85QU+gTXG6d/q
kfXxC1RALhovK3959pPKziszGyAC+JeNrCrpzVbu6Jh+Vy0SV2Hv2YzNc8AeK7gl
RkQiJ4Wma6nD17IMLEH9i71aQHZw8nVab7pVfYnUjeCHuXNC2yT+ybdMXIPKcTXE
mNp8eEU03d1FneHz68b0mM3yCOzRfv2elLKZd7Wl6cGxYB5n/+Eo2xLkiiJg8f/+
PaszzOXLKZaiqvqBsA2XFCiVGHIdSRaPNMl5Q5sM0k+gPJMdaBGM0A==
=NORM
-----END PGP SIGNATURE-----
More information about the MIMEDefang
mailing list