--Pete Resnick <presnick(_at_)qualcomm(_dot_)com> wrote:
So let's say that all SPF TXT records start with "_spf", like
"_spf.example.com". Now let's say that I've got a domain that has names
like "mail1.sales.example.com", "mail2.sales.example.com",
"unix.support.example.com", "mail.marketing.example.com", and that's what
a recipient will be using for the SPF lookup. So I want an SPF record
that will match "*.sales.example.com". How do I make such a record?

Matthew's flippant response aside, I agree with Pete, this is a problem.
Creating extra labels is a great way to avoid conflicts with existing
labels, but it totally defeats wildcards. I'm not quite ready to take
wildcards off the table just because of someone else's preference.

Wildcards may turn out to be important, because we haven't yet ironed out
the relationship between domains and their subdomains, LMAP-wise. Does the
LMAP record for mycorp.com also protect mail from @www.mycorp.com? How
about demon.co.uk and fruitbat.demon.co.uk? Even if there is some kind of
inheritance (which there very well might be, but it has to be done
carefully) -- even with that, there are going to be cases where you might
want to wildcard your entries... like, if you already have a wildcard A
record or MX record and you want those made-up names to have different
LMAP info from the base.

My feeling is that reusing TXT (or SRV or A records for that matter) is a
bit of a hack. It is acceptable, but not optimal. Shifting the label to
add _spf or _ep or whatever is even more of a hack. BOTH of these are
considerably-less-than-perfect replacements for getting our own record
type, which is IMO the RIGHT answer.
--
Greg Connor <gconnor(_at_)nekodojo(_dot_)org>
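
The wildcard problem discussed in this thread, worked through as an added example (not code from either poster): a minimal lookup over a constructed zone that applies the RFC 4592 rules, under which "*" acts as a wildcard only when it is the leftmost label and only below the closest existing ancestor of the query name. The zone contents, the sample SPF string and the `lookup` helper are assumptions made for illustration.

```python
# Added example: RFC 4592 wildcard matching over a constructed zone.
def exists(zone, name):
    # A node exists if it owns records or is an empty non-terminal,
    # i.e. some owner name in the zone sits below it.
    return any(o == name or o.endswith("." + name) for o in zone)

def lookup(zone, qname, rtype):
    """Return (status, rdata) for qname/rtype; hypothetical helper."""
    qname = qname.lower().rstrip(".")
    if exists(zone, qname):
        return "exact", zone.get(qname, {}).get(rtype, [])
    parts = qname.split(".")
    for i in range(1, len(parts)):
        encloser = ".".join(parts[i:])
        if exists(zone, encloser):        # closest existing ancestor
            source = "*." + encloser      # "*" counts only as leftmost label
            if exists(zone, source):
                return "wildcard", zone.get(source, {}).get(rtype, [])
            return "nxdomain", []
    return "nxdomain", []

SPF = ["v=spf1 mx -all"]                  # constructed sample policy
HOSTS = {"example.com": {"NS": ["ns.example.com"]},
         "mail1.sales.example.com": {"A": ["192.0.2.10"]}}
# Unprefixed scheme: the policy is published at the wildcard itself.
PLAIN = {**HOSTS, "*.sales.example.com": {"TXT": SPF}}
# Prefixed scheme: the "*" is an interior label, so this is a literal name.
PREFIXED = {**HOSTS, "_spf.*.sales.example.com": {"TXT": SPF}}

def demo():
    return {
        "plain made-up host": lookup(PLAIN, "anything.sales.example.com", "TXT"),
        "prefixed made-up host": lookup(PREFIXED, "_spf.anything.sales.example.com", "TXT"),
        "prefixed real host": lookup(PREFIXED, "_spf.mail1.sales.example.com", "TXT"),
        "literal asterisk": lookup(PREFIXED, "_spf.*.sales.example.com", "TXT"),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:22} -> {result}")
```

A `("wildcard", [])` result means the wildcard node exists only as an empty non-terminal, so the answer carries no TXT data. The prefixed record is returned only for a query that contains the literal asterisk label.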