On Mar 18, 2013, at 12:00 AM, Mark Andrews wrote:
It's not that is is esthetically pleasing to put SPF data into its
own RR type. It's that TXT has been hijacked and contining to add
more uses to TXT does not scale. TXT is a reasonable record for
proof of concept. It isn't and never has been
From: John Wobus jw...@cornell.edu
1) An RFC (or RFCs) that specifies a set of specific TXT record content
formats that are specified to have particular meanings, e.g. 'don't do
the
following unless it's an SPF record'.
I've not been keeping up with the IETF; is there a document that
I've not been keeping up with the IETF; is there a document that
describes what looks like a de facto standard of using _pname labels
with TXT RRs that is being followed by at least DMARC and DANE in
*._tcp.example.com, *._smimecert.example.com, and _dmarc.example.com
No, but Dave Crocker is
It is or would have been, very little cost to publish SPF records.
Not until we fix the provisioning problem. (News flash: in 99.9% of
the Internet, people do not edit master files with vi.)
In the early days of SPF, it was remarkably hard to get TXT records
provisioned, even though TXT records
On Mon, Mar 18, 2013, at 03:19 AM, Noel Butler wrote:
Vernon Schryver writes:
to laziness, DNS is not rocket science, I'm sure given ARM and
access to
google, a 13yo kid could get at least the basics right.
Laziness?--nonsense. Postel's Law and simple logic predict the
I'd go along with that, if they can't get their act together within 3
years, then that IS pure laziness.
I think laziness better fits answering port 443 with HTTP/TLS-SSL
and not publishing DANE RRs with existing certs or fingerprints.
The contrib/dane directory in current versions of BIND
On 2013-03-17 22:35, Doug Barton wrote:
On 3/17/2013 5:59 PM, Mark Andrews wrote:
The rational course would be to set a sunset date on TXT style spf
records. April 2016 looks like a good date. 10 years after RFC
4408 was published.
+1
Unfortunately there's really no need to change
In message 201303181535.r2ifz8ga017...@calcite.rhyolite.com, Vernon Schryver
writes:
} Turning off lookup for TXT record lookup for SPF would have very
} little negative impact. You would have some additional spoofed
} email getting through and some additional blow back (which could
} be
At 08:35 18-03-2013, Vernon Schryver wrote:
Also, those who are not lazy, who think RFC 4408bis is wrong, and want
to use type 99 without violating RFC 4408bis will go to the IEFF.
I suggest reading the messages with a subject line of #9: RFC 4408
SPF RR type in the mail archive at
On Mon, 2013-03-18 at 16:52 -0700, SM wrote:
SPF RR type
Had a bit of a read of that thread, and the most noise comes from a guy
who should know better, but doesn't, Mr Kitterman repeatedly says If
it's all so obvious that it makes sense to publish SPF records, why
aren't more people doing
On Thu, 2013-03-14 at 17:29 +1000, Noel Butler wrote:
On Wed, 2013-03-13 at 19:33 -0700, Dave Warren wrote:
On 3/13/2013 17:11, Noel Butler wrote:
On Wed, 2013-03-13 at 14:43 -0700, Dave Warren wrote:
I almost wouldn't bother with SPF records these days though, except
20741, so direct SPF RR hits is about one third of those using TXT RR,
small, but, insignificant? I wouldn't really say so, but some might. I
suspect the SPF wanting to be deprecated is because of the lack of
take-up, due to lazy admins, there are some resolvers in use from
ancient debian
In message 201303180038.r2i0cwet026...@calcite.rhyolite.com, Vernon Schryver
writes:
20741, so direct SPF RR hits is about one third of those using TXT RR,
small, but, insignificant? I wouldn't really say so, but some might. I
suspect the SPF wanting to be deprecated is because of the
Vernon Schryver writes:
to laziness, DNS is not rocket science, I'm sure given ARM and
access to
google, a 13yo kid could get at least the basics right.
Laziness?--nonsense. Postel's Law and simple logic predict the
truth hurts eh.
Didn't see your original post, viewed and had
From: Mark Andrews ma...@isc.org
Yet libspf2 requests SPF records and falls back to TXT on NODATA.
It does not do a TXT query if it gets a SPF response.
Even if my option of SPF is insane, compare the 2008 dates on
http://www.libspf2.org/ and the 2012 date on the surveys in RFC 6686.
It's
In message 201303180329.r2i3tycx025...@calcite.rhyolite.com, Vernon Schryver
writes:
From: Mark Andrews ma...@isc.org
Yet libspf2 requests SPF records and falls back to TXT on NODATA.
It does not do a TXT query if it gets a SPF response.
Even if my option of SPF is insane, compare the
On Wed, 2013-03-13 at 19:33 -0700, Dave Warren wrote:
On 3/13/2013 17:11, Noel Butler wrote:
On Wed, 2013-03-13 at 14:43 -0700, Dave Warren wrote:
I almost wouldn't bother with SPF records these days though, except that
the code was already written.
# grep SPF maillog
Dear all,
I received the following question and I am not able to aswer as spf records are
still mysterious to me.
We are using BIND 9.7.
Thanks in advance for your answers,
Hugo,
Does our DNS-server support SPF-type records? Or do we put SPF-info in a
TXT-record?
Ref. :
Early
Hello Hugo,
You can try looking at your zone files for SPF records and/or TXT
containing spf stuff.
You con implement SPF records as you wish.
Maybe you can take a look at: http://www.zytrax.com/books/dns/ch9/spf.html
Saludos / Regards
Leonardo Santagostini
Does our DNS-server support SPF-type records? Or do we put SPF-info in a
TXT-record?
BIND has supported SPF records since 9.4 I think, so yes. Their
functionality is identical (i.e. define both if you want/need both)
name ttl class TXT text
name ttl class SPF
I used both types with Bind 9.2.1, so both types should work for you.
As I recall the only difference was txt - spf as RR type.
hugo hugoo hugo...@hotmail.com wrote:
Dear all,
I received the following question and I am not able to aswer as spf
records are still mysterious to me.
We are using
Hi there,
On Wed, 13 Mar 2013, hugo hugoo wrote:
I received the following question and I am not able to aswer as spf
records are still mysterious to me. We are using BIND 9.7.
Does our DNS-server support SPF-type records? Or do we put SPF-info in a
TXT-record?
My answers would be Yes and
Hugo,
On Wednesday, 2013-03-13 11:33:35 +,
hugo hugoo hugo...@hotmail.com wrote:
Dear all,
I received the following question and I am not able to aswer as spf
records are still mysterious to me. We are using BIND 9.7.
Thanks in advance for your answers,
Hugo,
Does our
On 3/13/2013 05:09, G.W. Haywood wrote:
Ref. : Early implementations used TXT records for implementation
before the new record type was commonly available in DNS software.
Use of TXT records for SPF was intended
as a transitional mechanism. However, according to the current RFC,
RFC 4408,
On Wed, 2013-03-13 at 14:43 -0700, Dave Warren wrote:
I almost wouldn't bother with SPF records these days though, except that
the code was already written.
# grep SPF maillog |grep -c '\-all'
2438
# grep SPF maillog |grep -c '\~all'
7509
since midnight Sunday...
looks like its worth
On 3/13/2013 17:11, Noel Butler wrote:
On Wed, 2013-03-13 at 14:43 -0700, Dave Warren wrote:
I almost wouldn't bother with SPF records these days though, except that
the code was already written.
# grep SPF maillog |grep -c '\-all'
2438
# grep SPF maillog |grep -c '\~all'
7509
Can you
26 matches
Mail list logo