Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

TXT and SPF DNS Records

Posted on 2013-11-03
5
Medium Priority
?
444 Views
Last Modified: 2013-11-07
I did some readings about TXT record, the articles will give you slink to SPF, it sounds like TXT and SPF are related.

Any DNS Expert to explain clearly what TXT and SPF are used for, an example will be also very helpful.

Thank you
0
Comment
Question by:jskfan
  • 2
  • 2
5 Comments
 
LVL 27

Assisted Solution

by:davorin
davorin earned 664 total points
ID: 39619752
The SPF "record" in DNS is specified as TXT DNS record type. From beginning TXT records were probably meant for comments, but later it was used also for other proposes like for SPF, DKIM,... records
There also exist the "real" SPF record, but it is not supported by many systems, so you can say it is obsolete and not used any more.
My only usage of TXT record is for specifying SPF. I have never used it for any other purpose.

Some more info here: http://en.wikipedia.org/wiki/List_of_DNS_record_types
http://www.debianhelp.co.uk/dnsrecords.htm
0
 
LVL 13

Assisted Solution

by:Daniel Helgenberger
Daniel Helgenberger earned 1336 total points
ID: 39619864
Just to add to davorin's good synopsis of SPF and TXT records, SPF records are used to identify a valid sender IP for mail systems. A receiving mail server may query these to know if the domain permits this particular server / ip sending mail on it's behalf. The syntax is quite powerful.
Please note, a correctly configured SPF has no downsides and only benefits.

There is also one very common use of TXT records: Companies (esp. Microsoft) uses these for domain ownership validation. For instance, you are registering your domain for Office 365. Microsoft requires you to add a certain Auth code as TXT record to the top level of your domain which is in turn validated by Microsoft, assuming someone being able to change DNS settings is also the owner of that domain (this will be the case in almost all cases).
0
 

Author Comment

by:jskfan
ID: 39620277
I though DNS reverse lookup is the one used to verify the sender domain
0
 
LVL 13

Accepted Solution

by:
Daniel Helgenberger earned 1336 total points
ID: 39620298
There are many things a MTA can do, including reverse lookups, forward lookups, HELO validation and so on. In the end, it is only a hint or indication and no evidence - and the antispam policy will decide whenever to flag the mail as junk or not.
SPF in turn is the only system I know of where a domain can actually tell the receiving MTA about its valid servers and therefore providing evidence; resulting in a relay access denied if not valid. Please note, on this level done by the MTA already, not necessarily involving any antispam filter.
0
 

Author Closing Comment

by:jskfan
ID: 39631304
thank you
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have a multi-homed DNS setup in windows, you can have issues with connectivity to the server that hosts the DNS services (or even member servers of your domain if this same DNS server is a DC). This is because windows registers all of its IPs…
This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
How can you see what you are working on when you want to see it while you to save a copy? Add a "Save As" icon to the Quick Access Toolbar, or QAT. That way, when you save a copy of a query, form, report, or other object you are modifying, you…
Suggested Courses
Course of the Month12 days, 2 hours left to enroll

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question