IETF Logo Mail Archive

Re: [spfbis] WGLC: draft-ietf-spfbis-4408bis-14

Scott Kitterman <spf2@kitterman.com> Sat, 20 April 2013 23:40 UTC

Return-Path: <spf2@kitterman.com>
X-Original-To: spfbis@ietfa.amsl.com
Delivered-To: spfbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D633621F88E6 for <spfbis@ietfa.amsl.com>; Sat, 20 Apr 2013 16:40:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.562
X-Spam-Level:
X-Spam-Status: No, score=-2.562 tagged_above=-999 required=5 tests=[AWL=0.038, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e3bjBs+iNmJ2 for <spfbis@ietfa.amsl.com>; Sat, 20 Apr 2013 16:40:04 -0700 (PDT)
Received: from mailout02.controlledmail.com (mailout02.controlledmail.com [72.81.252.18]) by ietfa.amsl.com (Postfix) with ESMTP id CACDE21F888F for <spfbis@ietf.org>; Sat, 20 Apr 2013 16:40:03 -0700 (PDT)
Received: from mailout02.controlledmail.com (localhost [127.0.0.1]) by mailout02.controlledmail.com (Postfix) with ESMTP id 3C32920E40D2; Sat, 20 Apr 2013 19:39:54 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=kitterman.com; s=2007-00; t=1366501194; bh=QrgwkO8ivBNTNFKHs9Um8TT4sw54nvGXiOnTurNjbZw=; h=From:To:Subject:Date:In-Reply-To:References:From; b=fpobXCfDB0rbIVqd0PZat++xUzr8LkDjl9/WGMXgw6+zF6F73pMGsD0b5RXiuHucu AmWrcJHD2l3zI/zO2PNj/b8s9eljqMfAGlXg3p7y8KeWHUwex0sg11JN8tHSpuV2qw ETb2b0OuYjsv8DyPXpnxcPNU58HYZhF5CcSuRAeI=
Received: from scott-latitude-e6320.localnet (static-72-81-252-21.bltmmd.fios.verizon.net [72.81.252.21]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mailout02.controlledmail.com (Postfix) with ESMTPSA id 1F86B20E409E; Sat, 20 Apr 2013 19:39:53 -0400 (EDT)
From: Scott Kitterman <spf2@kitterman.com>
To: spfbis@ietf.org
Date: Sat, 20 Apr 2013 19:39:52 -0400
Message-ID: <4648119.hrfo14norY@scott-latitude-e6320>
User-Agent: KMail/4.9.5 (Linux/3.5.0-27-generic; KDE/4.9.5; i686; ; )
In-Reply-To: <20130420233229.47086.qmail@joyce.lan>
References: <20130420233229.47086.qmail@joyce.lan>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
X-AV-Checked: ClamAV using ClamSMTP
Subject: Re: [spfbis] WGLC: draft-ietf-spfbis-4408bis-14
X-BeenThere: spfbis@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SPFbis discussion list <spfbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spfbis>, <mailto:spfbis-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/spfbis>
List-Post: <mailto:spfbis@ietf.org>
List-Help: <mailto:spfbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spfbis>, <mailto:spfbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Apr 2013 23:40:05 -0000

On Saturday, April 20, 2013 11:32:29 PM John Levine wrote:
> >>    Checking "HELO" promotes consistency of results and can reduce DNS
> >> 
> >> resource usage.
> >> 
> >> I understand the consistency, but how does doing two lookups rather
> >> than one reduce DNS resource usage?  Suggest just removing the second
> >> clause.
> >
> >Generally, the SPF record for HELO requires at most one additional DNS
> >lookup, so even if you have a relatively low rejection rate base on these
> >records, you can come out ahead on resource expenditure because it's
> >generally an inexpensive check compared to Mail From records.
> 
> Well, maybe.  If someone says "HELO hotmail.com" as some spamware has
> been known to do, you're going to do a lot of extra work before you
> look at the Mail From.

That's why it says "can reduce", not "does reduce".  In my experience, it's 
generally a savings, but there are certainly cases where it's not.

(snipped the rest since I vote let's not argue).

Scott K

v2.23.0 | Report a Bug | By Email