Topic: The SPF website Name: Matthew J. Rainoff Organization: Integegrated Data Processing, Inc.
The test page does not pass all A records for the domain when the "a" specifier is used correctly. The logic used in the web programming does not match the documentation for SPF. Live Example: Domain: 125percent.com SPF Policy: TXT Record - "v=spf1 a -all" A Record - mail.125percent.com 65.166.65.108 A Record - smtp.125percent.com 65.166.65.106 http://www.openspf.org/why.html?sender=joe%40125percent.com&; amp;ip=65.166.65.106&formwasused=1&debug=0 Incorrectly fails because it is only testing for the default A record instead of doing a reverse lookup on the IP and then verifying that it is a valid A record in the domain 125percent.com. My comments are based on the documentation of the a mechanism which clearly states: All the A records for domain are tested. If the client IP is found among them, this mechanism matches. The a Mechanism a a:<domain> a:<domain>/<cidr-length> a/<cidr-length> All the A records for domain are tested. If the client IP is found among them, this mechanism matches. If domain is not specified, the current-domain is used. -- Message was sent via the SPF website contact form <http://new.openspf.org/Contact> ------- To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/[EMAIL PROTECTED]
