On Thursday 26 August 2004 8:12 am, Jim Fenton wrote:
Can anyone
clear up whether adding the prefix breaks wildcards, or
were they already
broken?
Since I don't know what you mean by "broken", I can't comment
to whether or
not wildcards are "already broken". BUT, if you publish:
*.example.com. IN TXT "v=spf1 ..."
*.example.com. IN TXT"spf2.0/pra ..."
Then, if a query for "host.example.com IN TXT" would match
the wildcard, the a
query for "_marid.host.example.com IN TXT" would ALSO match
the wildcard.
So, the problem isn't that wildcards and marid records don't
work, it is just
that when using wildcards, the _marid prefix no longer gets
you *just* the
spf2.0/pra record. I.e. the current status quo.
While David is right, there is also the corollary that *.example.com
will only match nodes that do not exist at all. So there are two issues,
do wildcards work as expected, is the wildcard useful at all. The matching
behavior means that the wildcard is not useful for the use cases given.
i.e. if we have
a.example.com
*.example.com. IN TXT "v=spf1 ..."
Will match _marid.b.example.com, b.example.com but not a.example.com
regardless of whether a has TXT records or not.
So you can't use a wildcard to give a default SPF record for DNS
names of hosts that exist. Only the hosts that don't exist will match.
I don't know what happens for _marid.a.example.com, I think it should
not match but one of the DNS people can say for sure.
IF _marid.a.example.com did match the wildcard then it would be a way
to make the wildcards useful.