Hi Bas,
the problem is in the length of the character string. As RFC1035 says
the TXT (SPF) record is an array of character strings. So the total TXT
record length is limited to the maximal rdata length 65535 bytes. But
each character string can have at most 255 bytes. Because of the leading
1 byte length in wire-format.
The following example should be syntactically OK:
hcc.nl. IN TXT "v=spf1 ip4:212.72.224.15
ip4:212.72.224.16 ip4:212.72.224.27 ip4:212.72.224.29 ip4:95.97.35.102
ip4:80.253.112.0/24 ip4:94.232.160.0/24 ip4:212.72.224.0/21
ip6:2a02:968:1:2:212:72:224:15 ip6:2a02:968:1:2:212:72:224:16
ip6:2a02:968:1:2:212:72:224:27" "ip6:2a02:968:1:2:212:72:224:29 +all"
Dan
On 11/29/2012 12:40 PM, Bas van den Dikkenberg wrote:
When i add this SPF record to dns zonefile:
hcc.nl. IN TXT "v=spf1 ip4:212.72.224.15
ip4:212.72.224.16 ip4:212.72.224.27 ip4:212.72.224.29 ip4:95.97.35.102
ip4:80.253.112.0/24 ip4:94.232.160.0/24 ip4:212.72.224.0/21
ip6:2a02:968:1:2:212:72:224:15 ip6:2a02:968:1:2:212:72:224:16
ip6:2a02:968:1:2:212:72:224:27 ip6:2a02:968:1:2:212:72:224:29 +all"
Then opendnssec wont sign the zone i get this messages in log:
Nov 29 12:37:18 scripting ods-signerd: [adapter] error parsing RR at
line 18 (Syntax error, could not parse the RR's rdata): hcc.nl. IN
TXT "v=spf1 ip4:212.72.224.15 ip4:212.72.224.16 ip4:212.72.224.27
ip4:212.72.224.29 ip4:95.97.35.102 ip4:80.253.112.0/24
ip4:94.232.160.0/24 ip4:212.72.224.0/21 ip6:2a02:968:1:2:212:72:224:15
ip6:2a02:968:1:2:212:72:224:16 ip6:2a02:968:1:2:212:72:224:27
ip6:2a02:968:1:2:212:72:224:29 +all"
Does anyone have sugestions how i can fix this?
WIth kind regards,
Bas van den Dikkenberg
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
