check-names conflicts with SPF macro definition

Daniel Stirnimann daniel.stirnimann at
Mon Jan 4 09:59:35 UTC 2021

Hello Mark,

the "exists" [1] macro results in A queries and the zone contains A
records. That's why the check-names processing applied.

Thanks for the hint regarding the nameserver hostnames.



On 04.01.21 10:33, Mark Andrews wrote:
> SPF records are TXT record which are NOT subject to check-names processing.
> If you created a seperate zone use nameservers that DO NOT live within the zone.
> is NOT a legal hostname as it is not LDH.
>> On 4 Jan 2021, at 20:01, Daniel Stirnimann <daniel.stirnimann at> wrote:
>> Hello all,
>> I changed SPF for to use SPF macros (RFC 7208). I wanted to
>> use the "_spf" label but bind9 check-names complained with a "bad owner
>> name (check-names)" message.
>> I have now used "spf" instead of "_spf", e.g. exists:%{ir}
>> I didn't want to disable check-names for because of this
>> conflict. However, SPF record publishing is generally recommended to use
>> the "_spf" subdomain which is not possible in this case.
>> I guess, the only alternative would have been to make ""
>> its own zone and set check-names for this zone statement to "ignore". Or
>> would this be a good reasons to loosen the check-names rules in bind9?
>> Thanks,
>> Daniel

More information about the bind-users mailing list