SPF records for subdomain
Kevin Darcy
kcd at daimlerchrysler.com
Wed Jul 14 17:08:17 UTC 2004
Len Conrad wrote:
>>I have delegated a subdomain to a user who has asked me to do the following:
>>Add a CNAME record in my parent domain pointing to his mail server.
>>
>>
>
>why? ( but I don't really care)
>
>rather than give us a "word problem" to solve, please show the RRs you want
>us to review. Less ambiguous for us and less typing for you.
>
>
>
>> Then had
>>an SPF record in my parent domain which points to this same CNAME record.
>>
>>
>
>see above
>
>
>
>>First, isn't this syntax incorrect?
>>
>>
>
>see above
>
>
>
>>From what I've read, it is. Also, I
>>don't have any other SPF records for my parent domain, wouldn't it be
>>dangerous to add one such record
>>
>>
>
>"one such record? see above
>
>
>
>>pointing to his mail server without adding
>>any records for all outgoing mail servers in my parent domain?
>>
>>
>
>Avoid CNAMEs, they are probably screwed up more often than they are used
>correctly. and it sounds like you're stepping into the screwed up category.
>
While we're at it, why not ban automobiles, since most drivers have an
accident at some point in their lives?
The solution to the "CNAME problem" is education and due care, not just
trying to will the record type out of existence. There are *many*
situations in which CNAMEs are the preferred way to do things, classless
in-addr delegation being only the best known example...
- Kevin
More information about the bind-users
mailing list