Wireshark-bugs: [Wireshark-bugs] [Bug 7721] New: wireshark.org SPF record(s) are malformed
Date: Wed, 12 Sep 2012 09:50:45 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7721

           Summary: wireshark.org SPF record(s) are malformed
           Product: Web sites
           Version: N/A
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: Medium
         Component: Main site - www.wireshark.org
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: ethereal-dev-20030907@xxxxxxxxxxxxxxxxx


Build Information:


--
The wireshark.org SPF record is composed of 3 strings: 
        "v=spf1"
        "include:spf.wireshark.org"
        "-all"
The spf.wireshark.org SPF record is composed of multiple strings:
        "v=spf1"
        "ip4:174.137.42.64/27"
        "ip4:67.228.110.120/29"
        "ip4:67.228.108.96/29"
        "ip4:208.43.68.147/32"
        "ip4:69.4.231.55/30"
        "include:spf.postini.com"
        "include:bluehost.com"
        "-all"

The above definitions presumes that the separation of data into separate
strings  is syntactically significant, however the rules for interpreting SPF
TXT records(in Section 3.1.3 of RFC 4408) clearly says:

3.1.3.  Multiple Strings in a Single DNS record

   As defined in [RFC1035] sections 3.3.14 and 3.3, a single text DNS
   record (either TXT or SPF RR types) can be composed of more than one
   string.  If a published record contains multiple strings, then the
   record MUST be treated as if those strings are concatenated together
   without adding spaces.  For example:

      IN TXT "v=spf1 .... first" "second string..."

   MUST be treated as equivalent to

      IN TXT "v=spf1 .... firstsecond string..."

   SPF or TXT records containing multiple strings are useful in
   constructing records that would exceed the 255-byte maximum length of
   a string within a single TXT or SPF RR record.

So, when the values contained in the two wireshark.org SPF records are read,
the separate strings are concatenated.  The concatenated string doesn't parse
according to the SPF interpreting rules.  This information should either be
contained in one string separated by spaces OR the separate strings should have
leading or trailing spaces to meet the required SPF syntax.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.