New warning message...

Mark Andrews marka at isc.org
Mon Jul 22 05:01:47 UTC 2013 

In message <BF47F557-DAC3-4B28-95BC-F1603722C665 at starionline.com>, SH Development writes:
> I just started noticing these in my log:
> 
> 7/21/13 11:33:13 PM	named[355]	21-Jul-2013 23:33:13.646 general: warning: zone domain.com/IN: 'domain.com' found S
> PF/TXT record but no SPF/SPF record found, add matching type SPF record
> 
> The zone does have an SPF record.  I'm not sure I understand what else I'm supposed to be doing.

No.  It has a legacy SPF TXT record.  It SHOULD have record of
type SPF as per RFC 4408.  Named will complain if both types
are not present.

3.1.1.  DNS Resource Record Types

   This document defines a new DNS RR of type SPF, code 99.  The format
   of this type is identical to the TXT RR [RFC1035].  For either type,
   the character content of the record is encoded as [US-ASCII].

   It is recognized that the current practice (using a TXT record) is
   not optimal, but it is necessary because there are a number of DNS
   server and resolver implementations in common use that cannot handle
   the new RR type.  The two-record-type scheme provides a forward path
   to the better solution of using an RR type reserved for this purpose.

   An SPF-compliant domain name SHOULD have SPF records of both RR
   types.  A compliant domain name MUST have a record of at least one
   type.  If a domain has records of both types, they MUST have
   identical content.  For example, instead of publishing just one
   record as in Section 3.1 above, it is better to publish:

      example.com. IN TXT "v=spf1 +mx a:colo.example.com/28 -all"
      example.com. IN SPF "v=spf1 +mx a:colo.example.com/28 -all"

   Example RRs in this document are shown with the TXT record type;
   however, they could be published with the SPF type or with both
   types.


> Jeff
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list