On May 18, 2004, at 19:30, Pete Resnick wrote:
So let's say that all SPF TXT records start with "_spf", like
"_spf.example.com". Now let's say that I've got a domain that has
names like "mail1.sales.example.com", "mail2.sales.example.com",
"unix.support.example.com", "mail.marketing.example.com", and that's
what a recipient will be using for the SPF lookup. So I want an SPF
record that will match "*.sales.example.com". How do I make such a
record? I can't use "_spf.sales.example.com", because that won't match
"mail1.sales.example.com". I can't use "_spf.*.sales.example.com",
because as far as I know the DNS will only match wildcards if they are
the left-most component of the domain name. So I either have to put in
individual records, or I have to depend on the receiver to work their
way up the tree and do queries for "_spf.mail1.sales.example.com", and
if that fails use "_spf.sales.example.com", and if that failes use
"_spf.example.com" (and probably not try "_spf.com" if that fails,
eh?). That stinks. We've got a wildcard mechanism in the DNS for a
reason. I'd rather not see us have to hack around it to get the same
effect. And I have yet to hear a satisfactory response to the issue.
You do not use TXT, but instead a new RR type.
paf