search

stalwartlabs / mail-auth

DKIM, ARC, SPF and DMARC library for Rust
https://docs.rs/mail-auth/
Apache License 2.0
82 stars 13 forks source link

SPF verify returning None for long domain names with valid SPF records #33

Closed titussanchez closed 2 months ago

titussanchez commented 2 months ago

Hi,

I recently found some domain names in the wild that are fairly long. They are >63 characters and causing the SPF verification function to return a None even though a valid SPF record exists at the domain name.

I found this in spf/verify.rs:91-93

        if domain.is_empty() || domain.len() > 63 || !domain.has_labels() {
            return output.with_result(SpfResult::None);
        }

Based on RFC 5321 it looks like the 63 character limitation should be on the individual labels and not the total length of the domain. The total domain name length limit is 255 characters.

mdecimus commented 2 months ago

Hi,

Makes sense, can you submit a PR for this?