spf-discuss

Re: MX and TXT

2004-01-12 22:29:12
> As I mentioned previously, I don't use BIND
> so I don't know how to add a TXT record to an MX lookup,
> but it cannot be difficult and isn't disallowed.

I think the BIND example before looked like this:


    mx.example.com.   A    10.9.8.7
                      TXT  "v=spf mx -all"

Now reading it that way, it may look like the 'mx.example.com'
has two pieces, an A and TXT "in one piece".  But the above
BIND zone snippet is equivalent to

    mx.example.com.   A    10.9.8.7
    mx.example.com.   TXT  "v=spf mx -all"

or even

    mx.example.com.     A    10.9.8.7
    blah.example.com.   A    127.0.0.1
    mx.example.com.     TXT  "v=spf mx -all"


You've created two separate types of records for mx.example.com,
an A record and a TXT record.  The first example does use the
shorthand of not explicitly naming the hostname itself, but it's
still a completely separate record.

Hopefully this clarifies some of the confusion.


Brian

Some of the confusion here seems to derive from people not
being familiar with what actually comes back from a DNS REQUEST.
I prefer to speak of an MX lookup, or better perhaps REQUEST.
This way one avoids the confusion of whether MX refers to
a request or a record. I get the impression that when requests
are sent from a UNIX shell they display just the ANSWER, which
is only a fraction of the reply. This sounds confusing, but it
is part of the design so as to allow for glue so as to
promote efficiency. An MX REQUEST almost always
gives back NS records and A records as well as the MX
ANSWER. All I'm saying is that I think that the best place for the
spf TXT record is in the REPLY to an MX REQUEST.

Since I don't use UNIX much (or BIND at all!) I refer you to
dnsstuff.com/pages/expert.htm which will give you a great
graphical sense of this.

But I am getting the impression that it may not be possible to
add additional records to a REPLY to an MX REQUEST, such as a
txt(spf) record. I do this just by adding a line to my Java DNS server.
Perhaps an addition to a zone file won't achieve this. That is
for someone familiar with it to say. But I do know
that my DNS server with its additional TXT record in REPLY to an
MX REQUEST works perfectly in terms of directing incoming post to the
domain.

geoff




--
Brian Hatch                  "In Valen's name."
   Systems and
   Security Engineer
http://www.ifokr.org/bri/

Every message PGP signed

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to 
http://v2.listbox.com/member/?listname(_at_)
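
The zone-file shorthand discussed in the message above, as an added example that is not part of the original thread: a small Python parser that expands blank owner names and groups records by (owner, type), run over the three snippets as posted. It assumes only the simplified `[owner] TYPE RDATA` line form shown in the message (no TTL, class, `$ORIGIN` or `;` comments); the function names are hypothetical.

```python
import shlex
from collections import defaultdict

# The three zone snippets from the message, copied as posted.
SHORTHAND = '''
mx.example.com.   A    10.9.8.7
                  TXT  "v=spf mx -all"
'''
EXPLICIT = '''
mx.example.com.   A    10.9.8.7
mx.example.com.   TXT  "v=spf mx -all"
'''
INTERLEAVED = '''
mx.example.com.     A    10.9.8.7
blah.example.com.   A    127.0.0.1
mx.example.com.     TXT  "v=spf mx -all"
'''

def parse_zone(text):
    """Return {(owner, type): {rdata, ...}} for lines of the form [owner] TYPE RDATA."""
    rrsets = defaultdict(set)
    owner = None
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = shlex.split(line)          # keeps the quoted TXT string as one field
        if line[0].isspace():
            # Blank owner field: the record inherits the previous record's owner.
            if owner is None:
                raise ValueError("first record has no owner name")
        else:
            owner = fields.pop(0).lower()
        rtype, rdata = fields[0].upper(), " ".join(fields[1:])
        rrsets[(owner, rtype)].add(rdata)
    return dict(rrsets)

def records_for(zone, owner):
    """All record sets in the zone that belong to one owner name."""
    return {key: val for key, val in zone.items() if key[0] == owner.lower()}

def answer(zone, owner, qtype):
    """Records matching exactly the queried name and type.
    Authority and additional sections of a reply are not modelled here."""
    return sorted(zone.get((owner.lower(), qtype.upper()), ()))

if __name__ == "__main__":
    for label, text in (("shorthand", SHORTHAND), ("explicit", EXPLICIT)):
        print(label, parse_zone(text))
```
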
