[Mimedefang] check for "null SPF entries" only

[Steffen Kaiser]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

I was logging SPF results, basically made by:

my $q = new Mail::SPF::Query (
 	sender => $lcSender,
 	ip => $relay,
 	helo => $Helo,
 	myhostname => $me,
 	);
my $r = ($q->result())[4];

I noticed that lots of users have forwarded mail resulting the query to 
return "fail".

So I got the idea to not act on fail, but on "null SPF entries" only.
E.g. to bounce the mail only if
$r->{spf_record} =~ /\Av=spf\S+\s+-all\z/ && $r->{result} eq 'fail'

Does somebody know of a SPF implementation that only checks for "null SPF 
entries", aka "v=spf1 -all"? But does support, probably, TXT/SPF RRs and 
v=spf2.0 as well?

The idea simply is to avoid unnecessary DNS requests, recursions and 
matching, because there is none, except the SPF / TXT retrieval. Maybe 
somebody has some statistics about the impact of "complex" SPF rules, how 
many are there etc.pp.

Regards,

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBS4UypEgddVksjRnHAQIPZAgAzEHiV09p93Ggh2dgWYAn483Guv85jRFg
rZTrVjH+tv1+RX4+UzvVwhbqdZGlJN9nW0X+GriwqgTfjLmEqnw85QU+gTXG6d/q
kfXxC1RALhovK3959pPKziszGyAC+JeNrCrpzVbu6Jh+Vy0SV2Hv2YzNc8AeK7gl
RkQiJ4Wma6nD17IMLEH9i71aQHZw8nVab7pVfYnUjeCHuXNC2yT+ybdMXIPKcTXE
mNp8eEU03d1FneHz68b0mM3yCOzRfv2elLKZd7Wl6cGxYB5n/+Eo2xLkiiJg8f/+
PaszzOXLKZaiqvqBsA2XFCiVGHIdSRaPNMl5Q5sM0k+gPJMdaBGM0A==
=NORM
-----END PGP SIGNATURE-----