Re: [Exim] SMTP+SPF

Top Page
Delete this message
Reply to this message
Author: David Saez
Date:  
To: Matthew Byng-Maddick
CC: exim-users
Subject: Re: [Exim] SMTP+SPF
Hi !!

> organisations. Also, it doesn't scale well for any organisation who respond
> to load by bringing other machines online. There appears to be no provision
> for killing the SPF querier by doing recursive SPFincludes, with no actual
> data. As far as I can tell, David Saez's ACL falls to this attack.


exim acl recursion is limited to 20 iterations, so there is no way to
produce any damage to a Exim server. Nevertheless there will be no
recursion if there is no real recursive SPFIncludes published. No data
produces no recursion.

> This is
> also by no means the first time that something like this has been mooted,
> and every time, it's rejected, mainly because of the enormous amount of work
> it requires (both to set up and to maintain).


It took me 10 minutes to publish spf info for about 200 domains. I also
do not understand your objections to how spf scales. As I know you could
spf-allow a whole C class with a single line of configuration.

--
Best regards ...

Does fuzzy logic tickle?

----------------------------------------------------------------
   David Saez Padros                http://www.ols.es
   On-Line Services 2000 S.L.       e-mail  david@???
   Pintor Vayreda 1                 telf    +34 902 50 29 75
   08184 Palau-Solita i Plegamans   movil   +34 670 35 27 53
----------------------------------------------------------------