Hi.
Earlier this week, my GoDaddy contact let me know that they had
updated their SPF wizard. I checked, and almost all of the changes I
suggested have been fixed. He said that the problem with GoDaddy's
name servers not working for TXT records longer that 128 bytes is
being worked on and he hopes ot have that fixed soon.
If you are a godaddy customer, please check out their updated wizard
to make sure it is working right.
If you aren't a godaddy customer, but know of problems with it, please
check below and see if the problem was marked as fixed. If not,
please let me know.
: * On the first page of the wizard, you say "The Microsoft Sender ID
: Framework (formerly known as SPF) is an industry standard created to
: ..". This is not quite correct. SPF has not been renamed or replaced
: . by Sender ID. Sender ID builds on SPF, but it does slightly
: different things than SPF. Currently, SPF checking is done by far
: more mail systems than Sender ID and I think this will continue for a
: very long time.
Sadly, they haven't fixed this. :-<
: * Your wizard creates a TXT record that starts with "v=spf2.0/pra".
: This is incorrect for all versions of SPF and Sender ID. What you
: want is "v=spf1", or if you want to exclude SPF checking, you can
: generate "spf2.0/pra,mfrom". I highly recommend generating "v=spf1".
fixed!
: * When you enter IP addresses into the "outbound mail servers" box, it
: generates "a:" mechanisms instead of "ip4" or "ip6:" mechanisms. For
: example, if I enter "67.52.51.37", I get an SPF record that says
: "a:67.52.51.37" instead of "ip4:67.52.51.37". The "a:" mechanism does
: an A record lookup on a hostname and since "67.52.51.37" is not a
: valid hostname, RFC conformant SPF checkers will return a syntax
: error. (The folks who run the root name servers don't want queries
: for top level domains of "37" for hosts of "67.52.51.37".)
:
: The "a:" mechanism *is* what you want to do when people enter a
: hostname, such as mail.schlitt.net.
fixed!
: * If you enter more than one outbound mail server, your wizard does
: not strip off the NL character, thus generating mechanisms such as
: "a:\010mail.schlitt.net" instead of "a:mail.schlitt.net". (Dec 10 is
: the newline character.)
fixed!
: * personally, I would discourage the use of the "ptr:" mechanism. It
: is useful in some cases, but it requires the control of the reverse
: DNS name and it isn't as reliable in the face of DNS errors.
They still allow the ptr: mechanism.
: * I think you should give explicit options to generate the "-all",
: "~all" and "?all" endings.
They didn't change this either.
: In addition to the above bugs, I realized that the wizard needs to
: create SPF records for the HELO domains that are used. For example, I
: have an SPF record for mail.schlitt.net because that is what gets used
: on the SMTP HELO command when I send email. The HELO domain is used
: as a fall-back when the SMTP MAIL FROM is null (e.g. "<>").
They are also not recommending publish SPF records at the HELO domain
yet.
-wayne