Hey Julian,

Thank you for the reply -- my problem isn't how to compose a multi-part SPF message inside a TXT record.
The problem I see is how PowerDNS (mis-)behaves when trying to serve a non-compliant record. PowerDNS returns NOERROR for the status and then returns a malformed message. I understand the argument of "bad data in, bad data out"; I would rather see PowerDNS not return bad data though.

--Augie

On Wed, Mar 24, 2010 at 6:14 PM, Julian Mehnle <jul...@mehnle.net> wrote:
> Augie Schwer wrote:
>
>> PowerDNS returns a malformed response when queried for a TXT record
>> larger than 257 characters.
>>
>> [...]
>>
>> PowerDNS returns NOERROR and returns as much data as it can which ends
>> up creating the corrupt packet.
>>
>> Admittedly one shouldn't put bad data in (the above record is not RFC
>> compliant); I was hoping PowerDNS would handle the response better --
>> any of the response codes could fit and certainly not return a
>> malformed packet; I'd rather see an empty packet or maybe a truncated
>> RDATA and a NOERROR return code.
>
> The problem is that while a TXT record can contain multiple "strings" (the
> parts you have to enclose in double quotes in TXT records in both BIND
> and PowerDNS), each string can only be 256 bytes long at maximum by design
> -- one length octet plus 255 bytes of text (RFC 1035). If you want to
> have a longer TXT record, you have to split it into several strings, like
> so:
>
> "v=spf1 ip4:209.204.164.194 a mx mx:gordonmedical.com,
> mx:mailin-02.mx.sonic.net,mx:g.mx.sonic.net, mx:mailin-01.mx.sonic.net,
> mx:e.mx.sonic.net mx:a.mx.sonic.net, mx:c.mx.sonic.net,
> mx:d.mx.sonic.net, mx:h.mx.sonic.net, mx:f.mx.sonic.net, mx:and "
> "mx:b.mx."
>
> leaving a space between strings like so: "string1" "string2". The SPF
> spec states that multiple strings will be concatenated seamlessly, so
> you'd probably have to include another space *in* the strings, either at
> the end of "string1 " or at the start of " string2".
>
> Note that this is different from splitting the record into several
> *records* (opposed to several strings in a single record). This doesn't
> work with SPF since ordering among records is undefined by DNS and SPF
> wouldn't know how to concatenate them correctly.
>
> Of course you could just remove the erroneous commas and fix up the SPF
> record to get below the 256 characters limit in this particular case.
>
> -Julian
>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users@mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
>

--
Augie Schwer - au...@schwer.us - http://schwer.us
Key fingerprint = 9815 AE19 AFD1 1FE7 5DEE 2AC3 CB99 2784 27B0 C072
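Added example, not part of the thread and not PowerDNS code: the length-octet framing discussed above, with a splitter that keeps the separating space inside a string so that SPF's seamless concatenation returns the original record, and a parser that rejects a string running past the end of the RDATA. The function names and the sample record (documentation addresses in 192.0.2.0/24) are constructed for illustration.

```python
MAX_STRING = 255  # one length octet can announce at most 255 bytes of text


def split_for_txt(value):
    """Split value into <=255-byte strings; the space stays inside the earlier string."""
    data, chunks = value.encode("ascii"), []
    while len(data) > MAX_STRING:
        cut = data.rfind(b" ", 0, MAX_STRING) + 1  # break just after a space
        if cut == 0:  # no space in the window: hard split
            cut = MAX_STRING
        chunks.append(data[:cut])
        data = data[cut:]
    chunks.append(data)
    return chunks


def encode_txt_rdata(strings):
    """Serialise TXT RDATA: each string is a length octet followed by its text."""
    out = bytearray()
    for s in strings:
        if len(s) > MAX_STRING:
            raise ValueError(f"{len(s)}-byte string does not fit one length octet")
        out.append(len(s))
        out += s
    return bytes(out)


def decode_txt_rdata(rdata):
    """Parse TXT RDATA; reject a string whose length octet points past the end."""
    strings, pos = [], 0
    while pos < len(rdata):
        end = pos + 1 + rdata[pos]
        if end > len(rdata):
            raise ValueError("character-string overruns RDATA (malformed record)")
        strings.append(rdata[pos + 1:end])
        pos = end
    return strings


def spf_text(rdata):
    """Join the strings with no separator, the way SPF concatenates them."""
    return b"".join(decode_txt_rdata(rdata)).decode("ascii")


# Constructed sample record (documentation addresses), too long for one string.
SAMPLE = "v=spf1 " + " ".join(f"ip4:192.0.2.{i}" for i in range(1, 31)) + " -all"

if __name__ == "__main__":
    for chunk in split_for_txt(SAMPLE):
        print(len(chunk), chunk.decode("ascii"))
```

A server-side zone loader can apply the same length check as `encode_txt_rdata` when a record is loaded, so an oversized string is refused up front instead of being serialised into a response.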