Solved

Multiple spf records for the same domain name

Posted on 2010-09-03
3
1,141 Views
Last Modified: 2012-08-13
My question is as follows...

TXT records are limited to 255 characters, but what happens if your SPF record is longer? What is the right thing to do.

Is it:
[step="A" title="A"]Have separate SPF records with the same domain[/step]
OR
[step="B" title="B"]Have the first SPF record include a 2nd domain[/step]

I will give examples below

A.
yourdomain.com. IN TXT "v=spf1 ip4:<IP allocations> include:<somedomains.com> ~all"
yourdomain.com. IN TXT "v=spf1 ip4:<More IP allocations> include:<somemoredomains.com> ~all"

Open in new window



B.
yourdomain.com. IN TXT "v=spf1 ip4:<IP allocations> include:<somedomains.com> include:spf2.yourdomain.com ~all"
spf2.yourdomain.com. IN TXT "v=spf1 ip4:<More IP allocations> include:<somemoredomains.com> ~all"

Open in new window

0
Comment
Question by:jasonatspigit
  • 2
3 Comments
 
LVL 43

Accepted Solution

by:
ravenpl earned 500 total points
ID: 33602321
According to http://www.openspf.org/svn/project/specs/rfc4408.txt section 4.5
You need the (B) way.
0
 

Author Comment

by:jasonatspigit
ID: 33619988
I have read that section over and over again and I am not seeing what you're seeing. How does that state B is the definite solution? The site is not accessible at the moment though.
0
 
LVL 43

Assisted Solution

by:ravenpl
ravenpl earned 500 total points
ID: 33620044
  After the above steps, there should be exactly one record remaining
   and evaluation can proceed.  If there are two or more records
   remaining, then check_host() exits immediately with the result of
   "PermError".

IMHO the above clearly states (A) returns PermError. B should work though.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SPF Record 9 46
Dyndns Configuration 3 53
Domain join remote sites or not 3 48
Using an internal domain name that you do not own 6 39
Most DNS problems are VERY easily troubleshot and identifiable if you can follow the steps a DNS query takes. I would like to share the step-by-step a DNS query takes from the origin to the destination. _____________________________________________…
I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now