Darvin Denmian asked:
> 2) What is the maximum number of includes inside a SFP field?
It is RECOMMENDED that SPF library implementations limit the number of DNS
operations performed during a lookup to ten, to cut down on the chances of a
denial-of-service exercise using SPF and to short-circuit any possible include
loops. Each lookup counts, and a lookup of an include is no exception to this
rule.
If there were nothing in the base record beyond IP ranges and one or more
includes, and all of the includes provided records with only IP ranges and
possibly other includes, then ten total includes should be expected to work.
Stick in a ptr clause (or anything else calling for a new DNS operation), and
the number of potential includes decreases.
Hope this helps,
Len
_______________________________________________
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
