9.3.3 - SPF record checks

Mark Andrews marka at isc.org
Thu May 30 20:53:57 UTC 2013


In message <1369923655.1952.6.camel at jhorne.config>, John Horne writes:
> Hello,
> 
> I noticed in the 9.3.3 announcement the following new SPF check:
> 
>    Adds a new configuration option, "check-spf"; valid values are
>    "warn" (default) and "ignore".  When set to "warn", checks SPF
>    and TXT records in spf format, warning if either resource record
>    type occurs without a corresponding record of the other resource
>    record type.  [RT #33355]
> 
> I'm a bit curious about this because I thought that the SPF record type
> was being deprecated - section 3.1 of
> http://datatracker.ietf.org/doc/draft-ietf-spfbis-4408bis/?include_text=1
> 
> If it is being deprecated, then checking for an SPF record and finding
> no corresponding TXT record makes sense, but finding a TXT record and
> warning that there is no SPF record would seem a little pointless.

The draft has *not* been IETF last called.  There is a large
disagreement over whether this is the right call to make or not.
RFC 4408 is still the current specification and it says "SHOULD
publish both", the failure to do so is what named is warning about.
If the use of SPF for SPF is deprecated we will adjust the warning
but that has not happened yet.

Current SPF libraries ask for SPF first then TXT so having an SPF
record reduces the query load.

Mark

> John.
> 
> -- 
> John Horne, Plymouth University, UK
> Tel: +44 (0)1752 587287    Fax: +44 (0)1752 587001
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
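
The pairing check described in the quoted announcement can be run over your own zone data before loading it. The following is an added example, not BIND's code and not from either poster; the record tuples are constructed sample data, and treating only TXT records as needing the "v=spf1" test is an assumption about what "in spf format" covers.

```python
from collections import defaultdict

def is_spf_text(strings):
    """RFC 4408: a record's character-strings are concatenated with no
    separator; an SPF policy is 'v=spf1' alone or followed by a space."""
    text = "".join(strings).lower()
    return text == "v=spf1" or text.startswith("v=spf1 ")

def check_spf(records):
    """records: iterable of (owner, rrtype, [character-strings]).
    Returns sorted (owner, message) pairs for owners that publish one
    form of the policy without the other."""
    have = defaultdict(set)
    for owner, rrtype, strings in records:
        rrtype = rrtype.upper()
        # Assumption: any SPF-type record counts; TXT counts only if it
        # carries an SPF policy.
        if rrtype == "SPF" or (rrtype == "TXT" and is_spf_text(strings)):
            have[owner.lower().rstrip(".")].add(rrtype)
    warnings = []
    for owner in sorted(have):
        if have[owner] == {"TXT"}:
            warnings.append((owner, "TXT in spf format but no SPF record"))
        elif have[owner] == {"SPF"}:
            warnings.append((owner, "SPF record but no TXT in spf format"))
    return warnings

# Constructed sample zone contents (not taken from any real zone).
SAMPLE = [
    ("example.com.", "TXT", ["v=spf1 mx -all"]),
    ("example.com.", "SPF", ["v=spf1 mx -all"]),
    ("mail.example.com.", "TXT", ["v=spf1 a ", "-all"]),  # split strings
    ("old.example.com.", "SPF", ["v=spf1 -all"]),
    ("www.example.com.", "TXT", ["v=spf10 not-a-policy"]),  # not spf format
    ("www.example.com.", "TXT", ["site-verification=constructed"]),
]

if __name__ == "__main__":
    for owner, message in check_spf(SAMPLE):
        print(f"{owner}: {message}")
```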