spf ent txt records.
Dear all, I received the following question and I am not able to aswer as spf records are still mysterious to me. We are using BIND 9.7. Thanks in advance for your answers, Hugo, Does our DNS-server support SPF-type records? Or do we put SPF-info in a TXT-record? Ref. : Early implementations used TXT records for implementation before the new record type was commonly available in DNS software. Use of TXT records for SPF was intended as a transitional mechanism. However, according to the current RFC, RFC 4408, section 3.1.1, An SPF-compliant domain name SHOULD have SPF records of both RR types. A compliant domain name MUST have a record of at least one type, and as such, TXT record use is not deprecated.[2] ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: spf ent txt records.
Hello Hugo, You can try looking at your zone files for SPF records and/or TXT containing spf stuff. You con implement SPF records as you wish. Maybe you can take a look at: http://www.zytrax.com/books/dns/ch9/spf.html Saludos / Regards Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/3/13 hugo hugoo hugo...@hotmail.com Dear all, I received the following question and I am not able to aswer as spf records are still mysterious to me. We are using BIND 9.7. Thanks in advance for your answers, Hugo, Does our DNS-server support SPF-type records? Or do we put SPF-info in a TXT-record?** ** ** *Ref. : *Early implementations used TXT recordshttp://en.wikipedia.org/wiki/TXT_recordfor implementation before the new record type was commonly available in DNS software. Use of TXT records for SPF was intended as a transitional mechanism. However, according to the current RFC, RFC 4408http://tools.ietf.org/html/rfc4408, section 3.1.1, An SPF-compliant domain name SHOULD have SPF records of both RR types. A compliant domain name MUST have a record of at least one type, and as such, TXT record use is not deprecated.[2]http://en.wikipedia.org/wiki/Sender_Policy_Framework#cite_note-2 ** ** ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: spf ent txt records.
Does our DNS-server support SPF-type records? Or do we put SPF-info in a TXT-record? BIND has supported SPF records since 9.4 I think, so yes. Their functionality is identical (i.e. define both if you want/need both) name ttl class TXT text name ttl class SPF text Regards, -JP ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: spf ent txt records.
I used both types with Bind 9.2.1, so both types should work for you. As I recall the only difference was txt - spf as RR type. hugo hugoo hugo...@hotmail.com wrote: Dear all, I received the following question and I am not able to aswer as spf records are still mysterious to me. We are using BIND 9.7. Thanks in advance for your answers, Hugo, Does our DNS-server support SPF-type records? Or do we put SPF-info in a TXT-record? Ref. : Early implementations used TXT records for implementation before the new record type was commonly available in DNS software. Use of TXT records for SPF was intended as a transitional mechanism. However, according to the current RFC, RFC 4408, section 3.1.1, An SPF-compliant domain name SHOULD have SPF records of both RR types. A compliant domain name MUST have a record of at least one type, and as such, TXT record use is not deprecated.[2] ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Sent from my Android phone with K-9 Mail. Please excuse my brevity.___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: spf ent txt records.
Hi there, On Wed, 13 Mar 2013, hugo hugoo wrote: I received the following question and I am not able to aswer as spf records are still mysterious to me. We are using BIND 9.7. Does our DNS-server support SPF-type records? Or do we put SPF-info in a TXT-record? My answers would be Yes and Yes. Ref. : Early implementations used TXT records for implementation before the new record type was commonly available in DNS software. Use of TXT records for SPF was intended as a transitional mechanism. However, according to the current RFC, RFC 4408, section 3.1.1, An SPF-compliant domain name SHOULD have SPF records of both RR types. A compliant domain name MUST have a record of at least one type, and as such, TXT record use is not deprecated.[2] The SPF type RR seems to me to be dying. Hardly anyone uses it. -- 73, Ged. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: spf ent txt records.
Hugo, On Wednesday, 2013-03-13 11:33:35 +, hugo hugoo hugo...@hotmail.com wrote: Dear all, I received the following question and I am not able to aswer as spf records are still mysterious to me. We are using BIND 9.7. Thanks in advance for your answers, Hugo, Does our DNS-server support SPF-type records? Or do we put SPF-info in a TXT-record? Ref. : Early implementations used TXT records for implementation before the new record type was commonly available in DNS software. Use of TXT records for SPF was intended as a transitional mechanism. However, according to the current RFC, RFC 4408, section 3.1.1, An SPF-compliant domain name SHOULD have SPF records of both RR types. A compliant domain name MUST have a record of at least one type, and as such, TXT record use is not deprecated.[2] BIND does support the SPF type. Note however that the latest draft version of SPF actually deprecates SPF, and recommends using TXT records: 3.1. DNS Resource Records SPF records MUST be published as a DNS TXT (type 16) Resource Record (RR) [RFC1035] only. The character content of the record is encoded as [US-ASCII]. Use of alternate DNS RR types was supported in SPF's experimental phase, but has been discontinued. See Appendix A of [RFC6686] for further information. http://datatracker.ietf.org/doc/draft-ietf-spfbis-4408bis/?include_text=1 -- Shane ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Building from source and running in chroot environment
Are there relatively recent instructions on how to build BIND from source and run it in a chroot environment? It sounds obvious but everything I've come across assumes BIND is provided by some package manager or included with the operating system. I'd like to build the latest version of BIND and run it in a chroot environment. I know you have to pre-populate the chroot directories but am not entirely clear on everything that's needed. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: spf ent txt records.
On 3/13/2013 05:09, G.W. Haywood wrote: Ref. : Early implementations used TXT records for implementation before the new record type was commonly available in DNS software. Use of TXT records for SPF was intended as a transitional mechanism. However, according to the current RFC, RFC 4408, section 3.1.1, An SPF-compliant domain name SHOULD have SPF records of both RR types. A compliant domain name MUST have a record of at least one type, and as such, TXT record use is not deprecated.[2] The SPF type RR seems to me to be dying. Hardly anyone uses it. This is very true. I updated my management interface to encourage SPF records, and to automatically create matching TXT records, but only because it's easier to sanity check when I know the intent is SPF. I almost wouldn't bother with SPF records these days though, except that the code was already written. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Building from source and running in chroot environment
On Wed, Mar 13, 2013 at 08:24:18AM -0700, Spumonti Spumonti wrote: Are there relatively recent instructions on how to build BIND from source and run it in a chroot environment? It sounds obvious but everything I've come across assumes BIND is provided by some package manager or included with the operating system. I'd like to build the latest version of BIND and run it in a chroot environment. I know you have to pre-populate the chroot directories but am not entirely clear on everything that's needed. Your BIND source package came with the BIND 9 ARM. See chapter 7 thereof, which covers this. Bv9ARM.ch07.html#id2603962 -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if /dev/rob0 is in the Subject: ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: spf ent txt records.
On Wed, 2013-03-13 at 14:43 -0700, Dave Warren wrote: I almost wouldn't bother with SPF records these days though, except that the code was already written. # grep SPF maillog |grep -c '\-all' 2438 # grep SPF maillog |grep -c '\~all' 7509 since midnight Sunday... looks like its worth bothering with to me. signature.asc Description: This is a digitally signed message part ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: spf ent txt records.
On 3/13/2013 17:11, Noel Butler wrote: On Wed, 2013-03-13 at 14:43 -0700, Dave Warren wrote: I almost wouldn't bother with SPF records these days though, except that the code was already written. # grep SPF maillog |grep -c '\-all' 2438 # grep SPF maillog |grep -c '\~all' 7509 Can you compare that against queries to TXT style SPF records? -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
