Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

Troubleshooting
Research
Professional Opinions
Ask a Question
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

troubleshooting Question

are TXT (SPF) records global for sub-domains?

Avatar of structuredweb
structuredweb asked on
AntiSpamEmail ServersDNS
6 Comments1 Solution1772 ViewsLast Modified:
I have a SPF record for my top-level domain, structuredweb.com. see "dig" outputs below. as part of our operations we send emails from swmail.structuredweb.com (64.14.55.140) in which the Return-Path is an address under "inbound.structuredweb.com". i have no SPF record for this sub-domain.  when i run dig for this sub-domain i get no answer.
however, when i look at the headers of a typical email, i see that google approves this sender, as if it's honoring the SPF record for the top-level domain.

Is there any standard here? can I assume SPF records affect sub-domains unless there is a specific record on the sub-domain? the last example shows "campaigns.structuredweb.com" for which i do have a specific SPF record.

1) ========== email header ===========
Received-SPF: pass (google.com: domain of
 XCAM_xxx@inbound.structuredweb.com designates 64.14.55.140 as
 permitted sender) client-ip=64.14.55.140

2) ===== dig for txt record of structuredweb.com ============
$ dig @dns025.b.register.com structuredweb.com txt
; <<>> DiG 9.3.3rc2 <<>> @dns025.b.register.com structuredweb.com txt
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3276
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;structuredweb.com.             IN      TXT

;; ANSWER SECTION:
structuredweb.com.      14400   IN      TXT     "v=spf1 a:swmail01.structuredweb.com a:swmail.structuredweb.com include:aspmx.googlemail.com ?all"

;; Query time: 31 msec
;; SERVER: 216.21.232.25#53(216.21.232.25)
;; WHEN: Fri Mar 26 11:20:24 2010
;; MSG SIZE  rcvd: 144

3) ===== dig of inbound.structuredweb.com =============
$ dig @dns025.b.register.com inbound.structuredweb.com txt
; <<>> DiG 9.3.3rc2 <<>> @dns025.b.register.com inbound.structuredweb.com txt
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53828
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;inbound.structuredweb.com.     IN      TXT

;; AUTHORITY SECTION:
structuredweb.com.      14400   IN      SOA     dns174.a.register.com. root.register.com. 2009070226 28800 7200 604800 14400

4) ===== dig of campaigns.structuredweb.com =============
$ dig @dns025.b.register.com campaigns.structuredweb.com txt
; <<>> DiG 9.3.3rc2 <<>> @dns025.b.register.com campaigns.structuredweb.com txt
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49336
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;campaigns.structuredweb.com.   IN      TXT

;; ANSWER SECTION:
campaigns.structuredweb.com. 14400 IN   TXT     "v=spf1 ip4:64.14.55.140/32 ip4:64.14.55.141/32 ?all"

;; Query time: 32 msec
;; SERVER: 216.21.232.25#53(216.21.232.25)
;; WHEN: Fri Mar 26 11:29:41 2010
;; MSG SIZE  rcvd: 109

ASKER CERTIFIED SOLUTION
Avatar of shauncroucher
shauncroucherFlag of United Kingdom of Great Britain and Northern Ireland image

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Commented:
This problem has been solved!
Unlock 1 Answer and 6 Comments.
See Answers