Re: The IANA has assigned us DNS number 99 for SPF2005-07-12 02:45:56On Tue, 2005-07-12 at 00:56 -0400, wayne wrote: fyi; The IANA has assigned us the qtype number 99 for the SPF record. See: http://www.iana.org/assignments/dns-parameters Congrats you got IANA to actually *do* something ;) (now I'll ask them *again* when they start assigning port numbers...) In <002c01c5869d$76125eb0$0100000a(_at_)lennons> "Lennon - Orcon" <lennon(_at_)orcon(_dot_)net(_dot_)nz> writes:Just have to wait until Bind + others get it added in..Right. You don't really have to, just use, per RFC3597: TYPE99 "v=spf1 ..." You will have to wait till somebody has patched yours to do SPF instead of TYPE99 indeed. For you to check: $ host -t 99 sixxs.com sixxs.com 99 #( ; unknown type 76 3D 73 70 66 31 20 2D 61 6C 6C ; v=spf1 -all ) $ dig +short sixxs.com type99 \# 11 763D73706631202D616C6C host shows it also as TXT, nice ;) NS's are debian bind9's (unstable), see the zone file below (indeed that is all it contains, we are not commercial ;) So we have to wait for everyone to update their bind servers/clients...right Only for the config file. The TYPE99 will simply be carried along. Then again there are broken DNS resolvers which croaked when seeing AAAA records and something like the following would result: $ dig @ns example.net AAAA NORESULTS/NXDOMAIN $ dig @ns example.net A 10.10.1.1 Thus if you first queried for the AAAA, then you would see NORESULTS, a subsequent query for the A would fail as the NORESULTS would have been cached. Watch out for this for the SPF record too. Many of these faulty installations have been fixed though after finding them (eg bbc.co.uk had this issue due to it's loadbalancing dns). and microsoft will use the record :-( and goWrong. They can't, as TYPE99 is assigned to SPF 99 [RFC-schlitt-spf-classic-02.txt] notice the 'schlitt-spf-classic' and not to anything in the form of Sender-ID :) MS will need to upgrade their software to support new RR types. Such an update, if I understand correctly, isn't even slated for Longhorn. Someone only has to implement a DNS querier that can ask for TYPE99/SPF that is it, what does the OS care about records, unless you mean the complete distro, including things like Outlook Express. Personally, I don't see the new SPF RR every being widely used. But, this is what some people *really* want, so here it is. It's probably best to change most if not all information to do the SPF record as quickly as possible. Now people are still adding TXT records, at a certain point that will reach a huge mass of people and then there is no way back, thus: fix that website and start doing SPF records. Greets, Jeroen -- $ORIGIN sixxs.com. $TTL 86400 @ IN SOA ns1.sixxs.net. hostmaster.sixxs.net. ( 2005071201 14400 ; Refresh 7200 ; Retry 1209600 ; Expire 86400 ; Minimum ) NS ns1.sixxs.net. NS ns2.sixxs.net. NS ns3.sixxs.net. MX 10 noc.sixxs.net. MX 20 bfib.ipng.nl. MX 50 hog.ipng.nl. TYPE99 "v=spf1 -all" TXT "v=spf1 -all" www IN CNAME noc.sixxs.net. ------- Sender Policy Framework: http://spf.pobox.com/ Archives at http://archives.listbox.com/spf-discuss/current/ To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
|
|