spf-discuss

txt SPF record with cname

2004-09-13 19:32:41
If I have these DNS records:
watkins-home.com.               A       1.2.3.4
                                txt     "v=spf1 a -all"
www.watkins-home.com.   CNAME   watkins-home.com.
                                txt     "v=spf1 -all"

The TXT record for "www.watkins-home.com." gives an error.

I get an error similar to this in the messages file:
named[16521]: dns_master_load: master/watkins-home.com.db:4:
www.watkins-home.com: CNAME and other data

Is this a problem?  Can "www.watkins-home.com." be forged?

Should I change the CNAME to A?

The "Current Protocol Specification":
        http://spf.pobox.com/draft-ietf-marid-protocol-00.txt
does not give examples of spf records for domains other than the main
domain.  The examples would tend to indicate only 1 SPF record is required.
The example does have a CNAME example (www.example.com.) but "www" is not
referenced anywhere else in the document.  No SPF record for
"www.example.com.".  There are no other references to CNAME.  No
instructions on what to do when a CNAME is found.

I think CNAME breaks SPF!  I hope I am wrong!

Thanks,
Guy Watkins

Sure you saved money, but at what cost?  "Guy Watkins"
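
Added example, not part of the original post: a small Python model of the zone above that flags the "CNAME and other data" conflict named in the log line and shows which TXT data a query for the alias returns once standard CNAME following is applied. The record tuples are constructed from the post; the function names are hypothetical, and the resolver is a simplified in-memory stand-in for real DNS.

```python
# Constructed zone data mirroring the records in the post (1.2.3.4 is the post's own value).
ZONE = [
    ("watkins-home.com.", "A", "1.2.3.4"),
    ("watkins-home.com.", "TXT", "v=spf1 a -all"),
    ("www.watkins-home.com.", "CNAME", "watkins-home.com."),
    ("www.watkins-home.com.", "TXT", "v=spf1 -all"),
]


def cname_conflicts(records):
    """Owner names holding a CNAME plus any other type (disallowed by RFC 1034, 3.6.2)."""
    types = {}
    for owner, rtype, _value in records:
        types.setdefault(owner.lower(), set()).add(rtype)
    return sorted(o for o, t in types.items() if "CNAME" in t and len(t) > 1)


def lookup(records, name, rtype, max_hops=8):
    """Answer a query as a resolver does: at a CNAME owner, restart at the target."""
    name = name.lower()
    for _ in range(max_hops):
        target = [v for o, t, v in records if o.lower() == name and t == "CNAME"]
        if target and rtype != "CNAME":
            name = target[0].lower()  # the alias has no data of its own
            continue
        return [v for o, t, v in records if o.lower() == name and t == rtype]
    raise RuntimeError("CNAME chain too long")


def effective_spf(records, name):
    """TXT strings that are SPF version 1 records, as seen when querying `name`."""
    return [t for t in lookup(records, name, "TXT")
            if t == "v=spf1" or t.startswith("v=spf1 ")]


if __name__ == "__main__":
    print("conflicting owners:", cname_conflicts(ZONE))
    # Assumption: the zone is made loadable by dropping the extra data at the alias.
    fixed = [r for r in ZONE if r[0] not in cname_conflicts(ZONE) or r[1] == "CNAME"]
    print("SPF seen for www:", effective_spf(fixed, "www.watkins-home.com."))
```

In this model the alias returns the TXT data published at the CNAME target, so a separate policy for the www name requires replacing the CNAME with an A record.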