9.3.3 - SPF record checks

John Horne john.horne at plymouth.ac.uk
Thu May 30 22:37:50 UTC 2013


On Fri, 2013-05-31 at 06:53 +1000, Mark Andrews wrote:
> In message <1369923655.1952.6.camel at jhorne.config>, John Horne writes:
> > Hello,
> > 
> > I noticed in the 9.3.3 announcement the following new SPF check:
> > 
> >    Adds a new configuration option, "check-spf"; valid values are
> >    "warn" (default) and "ignore".  When set to "warn", checks SPF
> >    and TXT records in spf format, warning if either resource record
> >    type occurs without a corresponding record of the other resource
> >    record type.  [RT #33355]
> > 
> > I'm a bit curious about this because I thought that the SPF record type
> > was being deprecated - section 3.1 of
> > http://datatracker.ietf.org/doc/draft-ietf-spfbis-4408bis/?include_text=1
> > 
> > If it is being deprecated, then checking for an SPF record and finding
> > no corresponding TXT record makes sense, but finding a TXT record and
> > warning that there is no SPF record would seem a little pointless.
> 
> The draft has *not* been IETF last called.
>
Yup, I realise that this is just a draft and that things may well
change.

> If the use of SPF for SPF is deprecated we will adjust the warning
> but that has not happened yet.
> 
Fair enough.

> Current SPF libraries ask for SPF first then TXT so having a SPF
> record reduces the query load.
> 
I did not know that. Okay, so there is sense in adding the DNS SPF RR to
a zone then.



John.

-- 
John Horne, Plymouth University, UK
Tel: +44 (0)1752 587287    Fax: +44 (0)1752 587001
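
The check quoted from the 9.3.3 announcement, sketched as an added example (not part of the original message and not BIND's own code): it flags owner names that publish an SPF-type record or an SPF-format TXT record without the other. The zone lines, function names and warning wording are constructed for illustration, and only presence is compared, not record content.

```python
import re

# Constructed sample records (owner, class, type, rdata); not from a real zone.
SAMPLE_ZONE = '''\
example.com.       IN TXT "v=spf1 mx -all"
example.com.       IN SPF "v=spf1 mx -all"
mail.example.com.  IN TXT "v=spf1 a -all"
old.example.com.   IN SPF "v=spf1 " "-all"
www.example.com.   IN TXT "google-site-verification=abc"
'''

# One quoted character-string, allowing backslash escapes inside it.
QUOTED = re.compile(r'"((?:[^"\\]|\\.)*)"')

def txt_value(rdata):
    """Join the quoted character-strings of the rdata with no separator."""
    return "".join(QUOTED.findall(rdata))

def is_spf_format(value):
    """True if the text starts with 'v=spf1' followed by a space or the end."""
    v = value.lower()
    return v == "v=spf1" or v.startswith("v=spf1 ")

def check_spf(zone_text):
    """Return sorted (owner, warning) pairs for one-sided SPF publication."""
    spf_owners, txt_owners = set(), set()
    for line in zone_text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        # Simplified format assumed here: owner, class IN, type, rdata.
        parts = line.split(None, 3)
        if len(parts) != 4 or parts[1].upper() != "IN":
            continue
        owner, rtype, rdata = parts[0].lower(), parts[2].upper(), parts[3]
        if rtype == "SPF":
            spf_owners.add(owner)
        elif rtype == "TXT" and is_spf_format(txt_value(rdata)):
            txt_owners.add(owner)
    warnings = []
    for owner in sorted(spf_owners ^ txt_owners):
        if owner in spf_owners:
            warnings.append((owner, "SPF record without SPF-format TXT record"))
        else:
            warnings.append((owner, "SPF-format TXT record without SPF record"))
    return warnings

if __name__ == "__main__":
    for owner, message in check_spf(SAMPLE_ZONE):
        print(f"{owner}: {message}")
```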



More information about the bind-users mailing list