spf(_at_)metro(_dot_)cx wrote:
simply a matter of defining spf records for * (along with
spf records for subdomains that are explicitly defined by A
or CNAME records)
Okay, then that's probably missing in "my" case (= my ISP ;-)
@ IN TXT "v=spf1 <insert spf stuff here> -all"
www IN TXT "v=spf1 include:clarenet.de -all"
* IN TXT "v=spf1 include:clarenet.de -all"
Now I'm not sure what "@" stands for, but your example also
works for "home ... spf1 stuff" + "* ... include:home".
i think this post belongs on the help list..?
Sorry, the only other lists I was aware of were "announce" and
"devel" and a couple of IETF lists...
To give it a 'discussion' edge
...but at least "wildcards" are an issue on these lists. ;-)
IIRC the SPF FAQ only says that "vanity hosts don't work", but
apparently - if I understand your example - this only means
that you can't have _different_ policies for different vanity
hosts. But the same policy with wildcards works, good enough.
shouldn't we have some include-like mechanism that also
includes the '-all' for @, or am I missing something here?
Maybe there should be more examples with explanations in the
FAQ. I should have read mechanisms.html before - apparently
redirect=claranet.de is a better solution for my case.
Something like -include:an.example.net would be strange, "near
misses" are often very instructive.
Tnx & bye, Frank