spf ent txt records.

Vernon Schryver vjs at rhyolite.com
Mon Mar 18 00:38:32 UTC 2013


> 20741,  so direct SPF RR hits is about one third of those using TXT RR,
> small, but, insignificant? I wouldn't really say so, but some might.  I
> suspect the SPF wanting to be deprecated is because of the lack of
> take-up, due to lazy admins, there are some resolvers in use from
> ancient Debian boxes that are so old, they don't understand the SPF RR,
> yes I know, they have bigger problems than that, but, again, comes down
> to laziness, DNS is not rocket science, I'm sure given ARM and access to
> Google, a 13yo kid could get at least the "basics" right.

Laziness?--nonsense.  Postel's Law and simple logic predict the
deprecating of the SPF type as well as the continued practice of
publishing only TXT records by those with rational reasons to publish
SPF data.

 1. SMTP servers (mail receivers) that have wanted to honor SPF -all
   have been forced to look for SPF data in TXT records since the
   beginning.  There have been far more TXT records with SPF data
   than SPF records.  Therefore, the best course for SMTP servers
   has been to request TXT and only request SPF if the TXT request
   gives NODATA.  Requesting both SPF and TXT types would cost extra
   bandwidth and raise questions about what to do if both are present
   and differ.  Occasional differences between SPF and TXT are
   inevitable due to caching in recursive resolvers even when the
   authoritative server always changes both simultaneously.

 2. Rational operators of SMTP clients (mail senders) know that well
   maintained SMTP servers understand #1 and so request TXT first or
   request neither SPF nor TXT.
   Publishing only SPF type records would double an SMTP client's
   DNS costs.
   Publishing both SPF and TXT would not help well maintained SMTP
   servers, but cost maintenance complexity and so potential errors.
   Therefore, it is best to publish only TXT for well maintained
   SMTP servers.
   Badly maintained SMTP servers are likely to only check TXT records.

Unlike the situations with IPv6 and DNSSEC, there are only costs
and no benefits for rational operators of SMTP clients or servers to
change those two tactics.

Those interested in wider perspectives about SPF and TXT RRs than any
single domain or the perceptions of SPF enthusiasts might consider the
tables reporting surveys in RFC 6686.  One can ignore everything
specifically about SenderID and read only about popularity of SPF and
TXT records.  https://www.rfc-editor.org/rfc/rfc6686.txt


Vernon Schryver    vjs at rhyolite.com
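
[Added example, not part of the original message: a sketch of the receiver lookup order described in point 1 (request TXT, request type SPF only when TXT gives NODATA), run against a stub resolver so the query count per publishing choice is visible. The zone data, domain names and function names are constructed for illustration.]

```python
# Constructed sample zone data: (owner name, RR type) -> record strings.
# Names and addresses are documentation placeholders, not real domains.
ZONE = {
    ("txt-only.example", "TXT"): ["unrelated=token", "v=spf1 ip4:192.0.2.0/24 -all"],
    ("spf-only.example", "SPF"): ["v=spf1 ip4:198.51.100.0/24 -all"],
    ("both.example", "TXT"): ["v=spf1 ip4:203.0.113.0/24 -all"],
    # Differing copy, as a recursive resolver's cache might still hold it.
    ("both.example", "SPF"): ["v=spf1 ip4:203.0.113.0/24 ~all"],
}


def make_resolver(zone):
    """Return (query, log): a stub resolver plus the list of queries it saw."""
    log = []
    owners = {name for name, _ in zone}

    def query(name, rrtype):
        log.append((name, rrtype))
        if name not in owners:
            return "NXDOMAIN", []
        records = zone.get((name, rrtype), [])
        # The name exists but has no records of this type: NODATA.
        return ("NOERROR", records) if records else ("NODATA", [])

    return query, log


def spf_policy(name, query):
    """Request TXT first; request type SPF only if TXT gave NODATA."""
    status, records = query(name, "TXT")
    if status == "NODATA":
        status, records = query(name, "SPF")
    found = [r for r in records if r.split(" ", 1)[0].lower() == "v=spf1"]
    # Simplification added here: anything but exactly one v=spf1 record
    # is treated as "no usable policy".
    return found[0] if len(found) == 1 else None


def lookup_cost(name, zone=ZONE):
    """Return (policy, number of DNS queries the receiver sent)."""
    query, log = make_resolver(zone)
    return spf_policy(name, query), len(log)


if __name__ == "__main__":
    for domain in ("txt-only.example", "spf-only.example",
                   "both.example", "missing.example"):
        print(domain, lookup_cost(domain))
```

[The SPF-only domain costs the receiver two queries, and for the domain publishing both types the differing SPF-type copy is never consulted.]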


