I've been looking into the SPF timeout issues. I've noticed that even with
the alarm timeout set to 10 seconds it appears that in some cases the SPF
query runs for up to 20 seconds before the timeout returns.
The nice thing about the Mail:SPF module is it can be passed a customized
DNS resolver to fine tune it's behavior.
Some suggesting for improving this:
- Create an $AlarmTimeout separate from the $DNSTimeout value. Set the
$AlarmTimeout to something like 10 seconds and the $DNSTimeout to 3 or 4
seconds. Since SPF can require >1 DNS lookup using the $DNSTimeout for the
alarm statement doesn't appear to be a good solution.
- Use the $AlarmTimeout for controlling the overall eval:
# Mail::SPF::Request lookup
eval {
local $SIG{ALRM} = sub { die "spf_query_timeout\n" }; # NB: \n
required
alarm $AlarmTimeout;
...
- Use the $DNSTimeout for the socket timeouts on the DNS resolver passed to
SPF:
my $res = Net::DNS::Resolver->new(
nameservers => [EMAIL PROTECTED],
tcp_timeout => $DNSTimeout,
udp_timeout => $DNSTimeout,
retrans => 3,
retry => 1
);
my $spf_server = Mail::SPF::Server->new(
hostname => $myName,
dns_resolver => $res
);
- We should also consider changing the default retrans = 5 and retry = 4
for the SPF DNS resolver. In my opinion 4 tries x 5 seconds = 20 seconds and
that's an eternity for one DNS lookup. I'm experimenting with retrans = 3
and retry = 1 to see what effect that has.
Comments?
Craig
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Assp-test mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-test
