Solved

Multiple spf records for the same domain name

Posted on 2010-09-03
3
1,154 Views
Last Modified: 2012-08-13
My question is as follows...

TXT records are limited to 255 characters, but what happens if your SPF record is longer? What is the right thing to do.

Is it:
[step="A" title="A"]Have separate SPF records with the same domain[/step]
OR
[step="B" title="B"]Have the first SPF record include a 2nd domain[/step]

I will give examples below

A.
yourdomain.com. IN TXT "v=spf1 ip4:<IP allocations> include:<somedomains.com> ~all"
yourdomain.com. IN TXT "v=spf1 ip4:<More IP allocations> include:<somemoredomains.com> ~all"

Open in new window



B.
yourdomain.com. IN TXT "v=spf1 ip4:<IP allocations> include:<somedomains.com> include:spf2.yourdomain.com ~all"
spf2.yourdomain.com. IN TXT "v=spf1 ip4:<More IP allocations> include:<somemoredomains.com> ~all"

Open in new window

0
Comment
Question by:jasonatspigit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 43

Accepted Solution

by:
ravenpl earned 500 total points
ID: 33602321
According to http://www.openspf.org/svn/project/specs/rfc4408.txt section 4.5
You need the (B) way.
0
 

Author Comment

by:jasonatspigit
ID: 33619988
I have read that section over and over again and I am not seeing what you're seeing. How does that state B is the definite solution? The site is not accessible at the moment though.
0
 
LVL 43

Assisted Solution

by:ravenpl
ravenpl earned 500 total points
ID: 33620044
  After the above steps, there should be exactly one record remaining
   and evaluation can proceed.  If there are two or more records
   remaining, then check_host() exits immediately with the result of
   "PermError".

IMHO the above clearly states (A) returns PermError. B should work though.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
Resolve DNS query failed errors for Exchange
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question