Solved

TXT and SPF DNS Records

Posted on 2013-11-03
5
437 Views
Last Modified: 2013-11-07
I did some readings about TXT record, the articles will give you slink to SPF, it sounds like TXT and SPF are related.

Any DNS Expert to explain clearly what TXT and SPF are used for, an example will be also very helpful.

Thank you
0
Comment
Question by:jskfan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 27

Assisted Solution

by:davorin
davorin earned 166 total points
ID: 39619752
The SPF "record" in DNS is specified as TXT DNS record type. From beginning TXT records were probably meant for comments, but later it was used also for other proposes like for SPF, DKIM,... records
There also exist the "real" SPF record, but it is not supported by many systems, so you can say it is obsolete and not used any more.
My only usage of TXT record is for specifying SPF. I have never used it for any other purpose.

Some more info here: http://en.wikipedia.org/wiki/List_of_DNS_record_types
http://www.debianhelp.co.uk/dnsrecords.htm
0
 
LVL 13

Assisted Solution

by:Daniel Helgenberger
Daniel Helgenberger earned 334 total points
ID: 39619864
Just to add to davorin's good synopsis of SPF and TXT records, SPF records are used to identify a valid sender IP for mail systems. A receiving mail server may query these to know if the domain permits this particular server / ip sending mail on it's behalf. The syntax is quite powerful.
Please note, a correctly configured SPF has no downsides and only benefits.

There is also one very common use of TXT records: Companies (esp. Microsoft) uses these for domain ownership validation. For instance, you are registering your domain for Office 365. Microsoft requires you to add a certain Auth code as TXT record to the top level of your domain which is in turn validated by Microsoft, assuming someone being able to change DNS settings is also the owner of that domain (this will be the case in almost all cases).
0
 

Author Comment

by:jskfan
ID: 39620277
I though DNS reverse lookup is the one used to verify the sender domain
0
 
LVL 13

Accepted Solution

by:
Daniel Helgenberger earned 334 total points
ID: 39620298
There are many things a MTA can do, including reverse lookups, forward lookups, HELO validation and so on. In the end, it is only a hint or indication and no evidence - and the antispam policy will decide whenever to flag the mail as junk or not.
SPF in turn is the only system I know of where a domain can actually tell the receiving MTA about its valid servers and therefore providing evidence; resulting in a relay access denied if not valid. Please note, on this level done by the MTA already, not necessarily involving any antispam filter.
0
 

Author Closing Comment

by:jskfan
ID: 39631304
thank you
0

Featured Post

Is Your DevOps Pipeline Leaking?

Is your CI/CD pipeline a hodge-podge of randomly connected tools? You’ve likely got a tool to fix one problem & then a different tool to fix another, resulting in a cluster of tools with overlapping functionality. Learn how to optimize your pipeline with Gartner's recommendations

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most DNS problems are VERY easily troubleshot and identifiable if you can follow the steps a DNS query takes. I would like to share the step-by-step a DNS query takes from the origin to the destination. _____________________________________________…
If you have a multi-homed DNS setup in windows, you can have issues with connectivity to the server that hosts the DNS services (or even member servers of your domain if this same DNS server is a DC). This is because windows registers all of its IPs…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question