?
Solved

Multiple spf records for the same domain name

Posted on 2010-09-03
3
Medium Priority
?
1,168 Views
Last Modified: 2012-08-13
My question is as follows...

TXT records are limited to 255 characters, but what happens if your SPF record is longer? What is the right thing to do.

Is it:
[step="A" title="A"]Have separate SPF records with the same domain[/step]
OR
[step="B" title="B"]Have the first SPF record include a 2nd domain[/step]

I will give examples below

A.
yourdomain.com. IN TXT "v=spf1 ip4:<IP allocations> include:<somedomains.com> ~all"
yourdomain.com. IN TXT "v=spf1 ip4:<More IP allocations> include:<somemoredomains.com> ~all"

Open in new window



B.
yourdomain.com. IN TXT "v=spf1 ip4:<IP allocations> include:<somedomains.com> include:spf2.yourdomain.com ~all"
spf2.yourdomain.com. IN TXT "v=spf1 ip4:<More IP allocations> include:<somemoredomains.com> ~all"

Open in new window

0
Comment
Question by:jasonatspigit
  • 2
3 Comments
 
LVL 43

Accepted Solution

by:
ravenpl earned 2000 total points
ID: 33602321
According to http://www.openspf.org/svn/project/specs/rfc4408.txt section 4.5
You need the (B) way.
0
 

Author Comment

by:jasonatspigit
ID: 33619988
I have read that section over and over again and I am not seeing what you're seeing. How does that state B is the definite solution? The site is not accessible at the moment though.
0
 
LVL 43

Assisted Solution

by:ravenpl
ravenpl earned 2000 total points
ID: 33620044
  After the above steps, there should be exactly one record remaining
   and evaluation can proceed.  If there are two or more records
   remaining, then check_host() exits immediately with the result of
   "PermError".

IMHO the above clearly states (A) returns PermError. B should work though.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how a domain name may be inadvertently appended to all DNS queries. This exhibits as described below. (CODE)And / Or: (CODE) Cause This issue can occur in either of these two scenarios. EITHER 1. A Primary DNS S…
I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question