On Fri, 15 Aug 2014, David F. Skoll wrote:

On Fri, 15 Aug 2014 10:39:03 -0700 (PDT)
John Hardin <jhar...@impsec.org> wrote:

On Fri, 15 Aug 2014, David F. Skoll wrote:
SPF is so easy ("v=spf1 +all")

Doing *that* should be worth a point or two by itself.

Yes.  I even thought about implementing it, but there are so many ways
to achieve this:

v=spf1 +all
v=spf1 ip4:128.0.0.0/1 ip4:0.0.0.0/1
v=spf1 exists:openspf.org

... etc...

that we really need an SPF normalizing library that tells you what
percentage of IPv4 space would pass, and then add points for anyone claiming
(say) that more than 1% of total IPv4 space is OK.

Sure.

(Though the exists: mechanism is nasty; not sure you even can predict what percentage of IPv4 is covered in complex cases.)

"exists:"? (looks up SPF syntax) (boggle) WTF is the sane use case for "exists:"??

That also could be worth a point or two if it's used. There's no reason to try to be *too* smart about edge cases. Do the coverage analysis where possible, and add a point for unusual stuff like that. I assume this all would have to be plugin-based; add an exclusion list for domains where "exists:" is expected and should not be scored, similar to the URIBL lookup domain exclusion list.

--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 jhar...@impsec.org    FALaholic #11174     pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  Therapeutic Phrenologist - send email for affordable rate schedule.
-----------------------------------------------------------------------
 Today: the 69th anniversary of the end of World War II
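
An added example, not part of the original thread and not SpamAssassin code: a static sketch of the coverage analysis discussed above, run over the three records quoted in the message. The function name, the flag names and the choice to skip and flag DNS-dependent terms instead of resolving them are assumptions; the 1% threshold is the figure suggested in the thread.

```python
import ipaddress

DNS_TERMS = {"a", "mx", "ptr", "include", "exists"}  # need lookups; not resolved here
TOTAL_V4 = 2 ** 32

def analyze_spf(record, threshold=0.01):
    """Static estimate of the share of IPv4 space an SPF record lets pass.

    Returns (pass_fraction, flags). Terms are applied first-match-wins, as in
    SPF evaluation. DNS-dependent terms are skipped and reported in flags, so
    the fraction only reflects the ip4 and all mechanisms.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    decided = []   # disjoint networks already matched by an earlier term
    passed = 0     # addresses whose first match carries a pass qualifier
    flags = set()
    for term in terms[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"
        name, _, arg = term.lstrip("+-~?").lower().partition(":")
        name = name.partition("/")[0]            # "a/24" -> "a"
        if name == "all":
            net = ipaddress.ip_network("0.0.0.0/0")
        elif name == "ip4":
            net = ipaddress.ip_network(arg, strict=False)
        else:
            if name in DNS_TERMS:
                flags.add("uses_" + name)        # e.g. score exists: separately
            continue                             # ip6, modifiers, DNS terms
        # CIDR blocks are either nested or disjoint, so overlap is a simple sum.
        if any(net.subnet_of(d) for d in decided):
            continue                             # fully shadowed by earlier terms
        overlap = sum(d.num_addresses for d in decided if d.subnet_of(net))
        if qualifier == "+":
            passed += net.num_addresses - overlap
        decided = list(ipaddress.collapse_addresses(decided + [net]))
    fraction = passed / TOTAL_V4
    if fraction > threshold:
        flags.add("overbroad")
    return fraction, flags

# The three records quoted in the thread.
SAMPLES = ["v=spf1 +all",
           "v=spf1 ip4:128.0.0.0/1 ip4:0.0.0.0/1",
           "v=spf1 exists:openspf.org"]

if __name__ == "__main__":
    for rec in SAMPLES:
        print(rec, "->", analyze_spf(rec))
```
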
