?
Solved

TXT and SPF DNS Records

Posted on 2013-11-03
5
Medium Priority
?
440 Views
Last Modified: 2013-11-07
I did some readings about TXT record, the articles will give you slink to SPF, it sounds like TXT and SPF are related.

Any DNS Expert to explain clearly what TXT and SPF are used for, an example will be also very helpful.

Thank you
0
Comment
Question by:jskfan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 27

Assisted Solution

by:davorin
davorin earned 664 total points
ID: 39619752
The SPF "record" in DNS is specified as TXT DNS record type. From beginning TXT records were probably meant for comments, but later it was used also for other proposes like for SPF, DKIM,... records
There also exist the "real" SPF record, but it is not supported by many systems, so you can say it is obsolete and not used any more.
My only usage of TXT record is for specifying SPF. I have never used it for any other purpose.

Some more info here: http://en.wikipedia.org/wiki/List_of_DNS_record_types
http://www.debianhelp.co.uk/dnsrecords.htm
0
 
LVL 13

Assisted Solution

by:Daniel Helgenberger
Daniel Helgenberger earned 1336 total points
ID: 39619864
Just to add to davorin's good synopsis of SPF and TXT records, SPF records are used to identify a valid sender IP for mail systems. A receiving mail server may query these to know if the domain permits this particular server / ip sending mail on it's behalf. The syntax is quite powerful.
Please note, a correctly configured SPF has no downsides and only benefits.

There is also one very common use of TXT records: Companies (esp. Microsoft) uses these for domain ownership validation. For instance, you are registering your domain for Office 365. Microsoft requires you to add a certain Auth code as TXT record to the top level of your domain which is in turn validated by Microsoft, assuming someone being able to change DNS settings is also the owner of that domain (this will be the case in almost all cases).
0
 

Author Comment

by:jskfan
ID: 39620277
I though DNS reverse lookup is the one used to verify the sender domain
0
 
LVL 13

Accepted Solution

by:
Daniel Helgenberger earned 1336 total points
ID: 39620298
There are many things a MTA can do, including reverse lookups, forward lookups, HELO validation and so on. In the end, it is only a hint or indication and no evidence - and the antispam policy will decide whenever to flag the mail as junk or not.
SPF in turn is the only system I know of where a domain can actually tell the receiving MTA about its valid servers and therefore providing evidence; resulting in a relay access denied if not valid. Please note, on this level done by the MTA already, not necessarily involving any antispam filter.
0
 

Author Closing Comment

by:jskfan
ID: 39631304
thank you
0

Featured Post

Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is intended as an extension of a blog on Aging and Scavenging by the MS Enterprise Networking Team. In brief, Scavenging is used as follows: Each record in a zone which has been dynamically registered with an MS DNS Server will have…
Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question