This has some other ramifications as well. When a system performs a DNS
lookup on a name my understanding is that it will first try that name with
the local Domain Name appended to it. This means that I can access my
local system called beast as beast.mydomian.com and still find it. Using
this example 'mydomain.com' the resolver if unable to find this name is
supposed to try the next "level up" (i.e. beast.com) and so forth (next is
simply beast) until it runs out of levels to try and finally returns a
failure.
So when I type something like www.cnn.com in my browser it really first
tries www.cnn.com.mydomian.com. That fails so it tries to find
www.cnn.com.com which also fails. And lastly tries www.cnn.com which it
finds.
However if you supply a trailing '.' as in www.cnn.com. then it takes the
trailing dot to mean that this is fully qualified as is and will not try
the search list of domians on my local system.
Aside from the potential of someone actually having a match for
your_domain.their_domain in their DNS (which is very unlikely) by adding
this trailing dot you get faster lookups.
So, I would suggest that you USE the trailing dot.
-dj
On Sat, 8 May 2004, Lars Dybdahl wrote:
For example: "v=spf1 a:example.org. -all"
What is the meaning of this trailing dot?
A fully qualified domain name ends with a dot in DNS configuration files. If
you have a default search domain named "dybdahl.dk", then everything that
doesn't end in a dot would get this appended. This means, that in DNS
configuration files:
example.org is the domain that is used in http://example.org.dybdahl.dk/
example.org. is the domain that is used in http://example.org/
There is no need to have the dot in the SPF record - it would probably just
confuse a lot of people - but DNS operators would probably like to have it
there to make it look more like the rest of the DNS configuration file.
So the short answer is: Yes, just remove it.
Lars.