Bug#440450: libmail-spf-query-perl: Suggest increasing default max DNS lookups to work with paypal
phil
spam_from_debian_bugs_4 at chezphil.org
Sat Sep 1 15:36:38 UTC 2007
Package: libmail-spf-query-perl
Version: 1:1.999.1-3
Severity: normal
Hi,
By defauly spfquery limits itself to 10 DNS lookups. This can be overridden from
the command line. It returns an "unknown" response if more than 10 lookups are
needed.
It seems that getting all the SPF information for paypal.com takes 11 lookups. (It
looks like there is a limit on the length of the TXT record, and in order to list all
its IP ranges paypal has to use a number of includes.)
Since phishing emails with a forged @paypal.com sender are rather common, I suggest
slightly increasing the default limit to accommodate it.
Or, perhaps the limit could be substantially increased, e.g. 50 - I can't think what
it's guarding against, except for misconfigured SPF records with include loops, and
I'm not aware of that being a serious problem. I note that the limit was reduced
from 20 to 10 in 1.998-1, but I am unaware of the rationale for that.
Regards,
Phil.
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.21-1-686
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Versions of packages libmail-spf-query-perl depends on:
ii libnet-cidr-lite-perl 0.20-1 Merge IPv4 or IPv6 CIDR address ra
ii libnet-dns-perl 0.60-1 Perform DNS queries from a Perl sc
ii libsys-hostname-long-perl 1.4-1 Figure out the long (fully-qualifi
ii liburi-perl 1.35.dfsg.1-1 Manipulates and accesses URI strin
ii perl 5.8.8-7 Larry Wall's Practical Extraction
libmail-spf-query-perl recommends no packages.
-- no debconf information
More information about the pkg-perl-maintainers
mailing list