[Bug 1057874] Review Request: libspf2 - Implementation of the Sender Policy Framework for SMTP authorization
bugzilla at redhat.com
bugzilla at redhat.com
Wed Apr 1 18:39:30 UTC 2015
https://bugzilla.redhat.com/show_bug.cgi?id=1057874
Scott Kitterman <sklist at kitterman.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |sklist at kitterman.com
--- Comment #9 from Scott Kitterman <sklist at kitterman.com> ---
I'm not a Fedora/Red Hat user, but I am the Debian opendmarc maintainer as well
as someone who's been involved in SPF development for a long time (for instance
the editor for RFC 7208). I was asked to post to this bug to suggest reopening
this as a better solution than using the internal opendmarc SPF code.
The internal opendmarc SPF code is not a full SPF implementation. I have
reviewed it and have not been able to (as an example) find where it implements
the DNS lookup limits specified in RFC 4408 section 10.1/RFC 7208 4.6.4. While
it's possible I missed something (I didn't have a huge amount of time for a
thorough analysis), I don't think the opendmarc SPF code is suitable for
production use and have linked opendmarc in Debian against libspf2. I would
recommend Red Hat/Fedora do the same.
In Debian, there are additional packages that use libspf2, so providing a
libspf2 package would also make those packagable too.
--
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
More information about the package-review
mailing list