Package: wnpp
Severity: wishlist
* Package name : libspf
Version : 1.0.0 rc4
Upstream Author : James Couzens <jcouzens@6o4.ca>
* URL : http://www.libspf.org
* License : see below
Description : official ANSI C sender policy framework (SPF) library
libSPF is an ANSI[0] C implementation of the SPF[1] ("Sender Policy
Framework"). libSPF's focus is to be as small and as portable as
possible and to provide a working example of how SPF would ideally be
implemented for authors of MTA's and implementors of RFC's 2821 and 2822.
libSPF currently only implements[2] explicitly what is set out in the SPF
Internet Draft as it was sent off to the I-D archive (
http://archives.listbox.com/spf-discuss@v2.listbox.com/200405/0128.html) of
which copy can be found at the libSPF website:
http://libspf.org/files/spf-draft-200405.txt
[0] to support the method of debugging employed in libSPF the library looses
its C/89 compliance to take advantage of Variadic Arguments (__VA_VARARGS__)
which are taken from the ISO C/99 C standard. Any stable branch of libSPF will
loose the debugging code and reclaim C/89 compliance.
[1] SPF is formerly known as Sender Policy Framework.
[2] The development branch of libSPF contains feature enhancements not
identified in the RFC of which most notably is the AVL-Tree DNS caching layer
which will be back ported into the 1.0-STABLE tree when it arrives at the
STABLE status.
Technical tidbits about the underlying implementation are that libSPF
employs an "on the fly" parse method where records are evaluated in a
byte by byte manner allowing the parser to return results at the first
sign of success or failure for much of the SPF Query language. This
parsing method affords a speed advantage over all other implementations
which perform an unnecessary validation of the entire query before
moving on to data evaluation. Great care has been taken to use unsigned
integers whenever possible, and to employ only safe string handling
functions (eg: snprintf over sprintf). Further care has been spent
allocating memory only to the very byte that is necessary and employing
dynamic allocation where appropriate. Several memory leak detection
implementations most notably Valgrind have been employed since the
beginning to ensure that memory is not leaked, and every single byte of
allocated memory is explicitly freed irregardless of the natural cleanup
of a modern kernel. This attention to detail has led to an efficient
and secure library with which it is hoped will lend confidence to those
who intend to implement it.
At the time of this writing libSPF ships with patches for Qmail,
Sendmail and Courier, and includes an API example entitled "SPF Query"
which doubles as an SPF validation test tool found within the source
tree. I encourage anyone who can to contribute by submitting patches
for the any and all MTA's or related software. Lastly the LICENSE that
libSPF is released under is a derivative of the Apache license aptly
named "the libSPF license", intentionally authored to encourage FREE
commercial use without worry, something that unfortunately the GPL and
LGPL do not afford.
/*
* License:
*
* The libspf Software License, Version 1.0
*
* Copyright (c) 2004 James Couzens & Sean Comeau All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE AUTHORS MAKING USE OF THIS LICENSE
* OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (600, 'testing'), (98, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.7-1-k7-smp
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8
--
Please do not CC me when replying to lists; I read them!
.''`. martin f. krafft <madduck@debian.org>
: :' : proud Debian developer, admin, and user
`. `'`
`- Debian - when you have better things to do than fixing a system
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
Attachment:
signature.asc
Description: Digital signature