Re: [dmarc-ietf] Doing a tree walk rather than PSL lookup

John R Levine <johnl@taugh.com> Tue, 24 November 2020 19:29 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE5A93A18CC for <dmarc@ietfa.amsl.com>; Tue, 24 Nov 2020 11:29:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=G2Qhvc/f; dkim=pass (2048-bit key) header.d=taugh.com header.b=VgjvjKLC
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9pzmFGUl-hg3 for <dmarc@ietfa.amsl.com>; Tue, 24 Nov 2020 11:29:20 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 223E03A18A6 for <dmarc@ietf.org>; Tue, 24 Nov 2020 11:29:13 -0800 (PST)
Received: (qmail 399 invoked from network); 24 Nov 2020 19:29:12 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:references:mime-version:content-type; s=18c.5fbd5f08.k2011; i=johnl-iecc.com@submit.iecc.com; bh=conPJty6UtVWwEDdqFhACUuqtNHlEt+ET2B2zB38sKQ=; b=G2Qhvc/f6h0mJo4OWqVS7Wo3IlSjbJgoWl0aDRP6df4R6Sg3OOwOd/lwc4wMdvVnEVrpuJWdmVJcjbsvzpve3jNFbc35kNh9NqIpJFjetZ6s5o1l8PzH8Y/+7eoGSVFoeIdKVgIuutyelymZGl24V9mJsV2V3xEgH2d89pQwsdCX+K90AX7GifNREUS3Vey+KgatroXq1cKi/jB7avbBo1gb71hiUEHAVo5FGdjVVhA5gquPzdpjZ7NIaJFM7U7FilWDNgNPu2PTG1F79ID3PpIrEOYC8pg2eEAdIXarao2NzHsoKdZa38Y9DQT/BhAaZAbLrU4FEZelN2Jf7WikJA==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:subject:in-reply-to:references:mime-version:content-type; s=18c.5fbd5f08.k2011; olt=johnl-iecc.com@submit.iecc.com; bh=conPJty6UtVWwEDdqFhACUuqtNHlEt+ET2B2zB38sKQ=; b=VgjvjKLCastTppH+TfBDLRecCsIuoH+iAg5GZdSBBPGGQXqwykz5AsoqmeMdls97rLbTMcmLm0d9IDwrbQTC7j+qe1Zu5d76G7OWfQoU4+I5PXkdo3DUe/s72ojGpptn/J2ZPnoL1QDHU8K0PPTk3ib7jkuiZV/XuMuQj+SQiY1AkpfEFHxKrjzcjFVaTUpVu4K7890ibLhC6Y7vQeF/bIDwmIWb4/INQIWjuhkVKhCHcFcMKAYBEAZsdB5r2RGcXF8GfIun+MuSQ9rJ+hRh95RQ5mHwV+6/hL7Njem2s7sAI+lVh+mKWWz82a+ZfzZ0e3fBgykT6HzqbmF1dWMzYQ==
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPSA (TLS1.3 ECDHE-RSA AES-256-GCM AEAD, johnl@iecc.com) via TCP6; 24 Nov 2020 19:29:11 -0000
Date: 24 Nov 2020 14:29:11 -0500
Message-ID: <e5d3a3bc-8a44-7b33-bdda-ca457ff3e984@taugh.com>
From: "John R Levine" <johnl@taugh.com>
To: "Alessandro Vesely" <vesely@tana.it>, dmarc@ietf.org
In-Reply-To: <36f4f840-0911-56f5-185b-3f60166eab47@tana.it>
References: <20201124170351.C430227DFEBF@ary.qy> <36f4f840-0911-56f5-185b-3f60166eab47@tana.it>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/gtub4j-0oxP80e7WaYkqKVMTkyI>
Subject: Re: [dmarc-ietf] Doing a tree walk rather than PSL lookup
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Nov 2020 19:29:29 -0000

> Right.  The optimal solution would be to load the list and the lookup 
> algorithm as a shared object.  Currently, my filter has its private copy of 
> it.  But then I don't reload the filter so often that parsing the file is 
> noticeable.  To wit, loading the virus database takes much much longer.

Indeed.  I don't think that processing the PSL is an overwhelming amount 
of work, but I also don't think there is much difference in performance 
between using the PSL and making DNS queries that are likely to be 
answered from a local cache.

> "Holy Roman Empire"

Organizations, typically universities, where the nominal organization tree 
and the actual control are different.  The PSL isn't useful because the 
party that controls their Org domain often doesn't control lower parts of 
the DNS tree.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly