check-names conflicts with SPF macro definition

Daniel Stirnimann daniel.stirnimann at
Mon Jan 4 09:01:26 UTC 2021

Hello all,

I changed SPF for to use SPF macros (RFC 7208). I wanted to
use the "_spf" label but bind9 check-names complained with a "bad owner
name (check-names)" message.

I have now used "spf" instead of "_spf", e.g. exists:%{ir}

I didn't want to disable check-names for because of this
conflict. However, SPF record publishing is generally recommended to use
the "_spf" subdomain which is not possible in this case.

I guess, the only alternative would have been to make ""
its own zone and set check-names for this zone statement to "ignore". Or
would this be a good reasons to loosen the check-names rules in bind9?


More information about the bind-users mailing list