spf-discuss
[Top] [All Lists]

Re: MX and TXT

2004-01-13 12:56:16
Also, unless I'm all wet, I think an MX record is still just optional - i.e.
it's
valid to have just a host record in order to receive mail.

geoffj wrote:

 > As I mentioned previously, I don't use BIND
 so I don't know how to add a TXT record to an MX lookup,
 but it cannot be difficult and isn't disallowed.

I think the BIND example before looked like this:


    mx.example.com.   A    10.9.8.7
                      TXT  "v=spf mx -all"

Now reading it that way, it may look like the 'mx.example.com'
has two pieces, an A and TXT "in one piece".  But the above
BIND zone snippet is equivalent to

    mx.example.com.   A    10.9.8.7
    mx.example.com.   TXT  "v=spf mx -all"

or even

    mx.example.com.     A    10.9.8.7
    blah.example.com.   A    127.0.0.1
    mx.example.com.     TXT  "v=spf mx -all"


You've created two separate types of records for mx.example.com,
an A record and a TXT record.  The first example does use the
shorthand of not explicitly naming the hostname itself, but it's
still a completely separate record.

Hopefully this clarifies some of the confusion.

Brian

Some of the confusion here seems to derive from people not
being familiar with what actually comes back from a dns REQUEST.
I prefer to speak of an MX lookup, or better perhaps REQUEST.
This way one avoids the confusion of whether MX refers to
a request or a record. I get the impression that when requests
are sent from a UNIX shell they display just the ANSWER, which
is only a fraction of the reply. This sounds confusing. but it
is part of the design so as to allow for glue so as to
promote efficiency. An MX REQUEST almost always
gives back NS records and A records as well as the MX
ANSWER. All I'm saying is that I think that the best place for the
spf TXT record is in the REPLY to an MX REQUEST.

Since I don't use UNIX much (or Bind at all!) I refer you to
dnsstuff.com/pages/expert.htm which will give you a great
graphical sense of this.

But I am getting the impression that it may not be possible to
add additional records to a REPLY to an MX REQUEST, such as a
txt(spf) record. I do this just be adding a line to my Java DNS server.
Perhaps an addition to a zone file won't achieve this. That is
for someone familiar with it to say. But I do know
that my DNS server with its additional TXT record in REPLY to an
MX REQUEST works perfectly in terms of directing incoming post to the
domain.

geoff


--
Brian Hatch                  "In Valen's name."
   Systems and
   Security Engineer
http://www.ifokr.org/bri/

Every message PGP signed

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡

Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

Attachment converted: strixG3:signature.asc (????/----) (0011B7DA)

--

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡


"MMS <safeway.com>" made the following annotations.
------------------------------------------------------------------------------
Warning: 
All e-mail sent to this address will be received by the Safeway corporate
e-mail system, and is subject to archival and review by someone other than the
recipient.  This e-mail may contain information proprietary to Safeway and is
intended only for the use of the intended recipient(s).  If the reader of this
message is not the intended recipient(s), you are notified that you have
received this message in error and that any review, dissemination,
distribution or copying of this message is strictly prohibited.  If you have
received this message in error, please notify the sender immediately. 
  
==============================================================================

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡


<Prev in Thread] Current Thread [Next in Thread>