SPF on 9.4.1 now?

Mark Andrews Mark_Andrews at isc.org
Mon May 21 14:36:43 UTC 2007


[J.D. Bronson: Can you please fix the nameserver for wixb.com so they
 answer queries from anywhere in the world?]

> J.D. Bronson wrote:
> > It seems to me I recall 9.4.1 supports SPF directly within the zone?
> > If so, instead of using something like this:
> > 
> > TXT     "v=spf1 mx ptr -all"
> > 
> > do we now also use:
> > 
> > SPF     "v=spf1 mx ptr -all" ?
> > 
> > I cant find anything on this and google was usless...so I thought i 
> > would ask right here..
> 
> Yes.  And the record format is identical to the TXT record format.
> 
> Although, for now, you should put in both.  Folks using older versions
> of various SPF validation software floating around do not yet lookup SPF
> (type 99) records, and this is further complicated by the fact that
> certain DNS implementations do not respond at all to a query for an SPF
> record type (again, of the type 99 variety), which causes a significant
> timeout issue.  :-/

	Which is a perfect reason to take the TXT records out.  If
	you keep the TXT record there then there in no incentive
	to upgrade / fix broken software.  People will be asking
	in 10 years time "Do we still need the TXT spf record?"

	We had people asking well into the current millennium if
	you still need a A record for mail domain.  We don't need
	the same thing to happen for SPF.

	It's much better to just use the new record only.  SPF is
	not critical.  The lack of a TXT record just means that the
	old clients can't validate.  This won't break communication.
	The legitimate email will still get through.

	Mark

> Regards,
> Mike
> 
> -- 
> Michael Milligan                                   -> milli at acmeps.com
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org



More information about the bind-users mailing list