I beg a difference, if you read up on things, there is a SPF record type
(99) added a while back and the TXT approach is getting deprecated: more
info on the wiki: http://en.wikipedia.org/wiki/Sender_Policy_Framework
On Fri, 31 Jul 2009 18:09:39 +0300, Frands Hansen <[email protected]> wrote:
Exactly how did you add your SPF record?
This would be the correct way:
domain.tld TXT "v=spf1 blabla"
SPF records are not really "SPF" but "TXT" records with spf content.
-
Frands B. Hansen
On 31/07/2009, at 17:04, shion wrote:
Hi folks,
I have added a domain in my nameserver with the following configuration:
SOA ns.inwx.de [email protected] 2009073103
NS ns.inwx.de
NS ns2.inwx.de
NS ns3.inwx.de
After this I have checked the entries with dig, that everything is
correct.
-----------------------------------------------------------------
$ dig @ns.inwx.de spf-record-test.de ANY
; <<>> DiG 9.5.1-P2 <<>> @ns.inwx.de spf-record-test.de ANY
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42148
;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 3
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;spf-record-test.de. IN ANY
;; ANSWER SECTION:
spf-record-test.de. 3600 IN NS ns.inwx.de.
spf-record-test.de. 3600 IN NS ns2.inwx.de.
spf-record-test.de. 3600 IN SOA ns.inwx.de. [email protected].
2009073103 10800 3600 604800 3600
spf-record-test.de. 3600 IN NS ns3.inwx.de.
;; ADDITIONAL SECTION:
ns3.inwx.de. 3600 IN A 217.20.112.194
ns2.inwx.de. 3600 IN A 213.239.206.103
ns.inwx.de. 3600 IN A 217.70.142.66
;; Query time: 26 msec
;; SERVER: 217.70.142.66#53(217.70.142.66)
;; WHEN: Fri Jul 31 16:09:54 2009
;; MSG SIZE rcvd: 181
-----------------------------------------------------------------
Next step..
Now I have added a SPF record.
SPF v=spf1 -all
And checked the entries with dig again.
-----------------------------------------------------------------
$ dig @ns.inwx.de spf-record-test.de ANY
; <<>> DiG 9.5.1-P2 <<>> @ns.inwx.de spf-record-test.de ANY
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 54903
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;spf-record-test.de. IN ANY
;; Query time: 27 msec
;; SERVER: 217.70.142.66#53(217.70.142.66)
;; WHEN: Fri Jul 31 16:12:29 2009
;; MSG SIZE rcvd: 36
-----------------------------------------------------------------
After adding a SPF record, it isn't possible to dig the domain.
I don't get any records of the domain. After removing the SPF record it
is
possible again.
It seems to be a problem with pdns and SPF records.
Furthermore it seems that some mailservers can't deliver e-mails
because the
nameserver lookup deferred, if the SPF record is set.
Does somebody know, what I can do to solve the problem?
Or maybe it is a bug?!
The used pdns-server version is 2.9.22-1.
$ dig -v
DiG 9.5.1-P2
Thanks,
shion
--View this message in context:
http://www.nabble.com/dig-doesn%27t-work-after-adding-SPF-record-tp24757839p24757839.html
Sent from the PowerDNS mailing list archive at Nabble.com.
_______________________________________________
Pdns-users mailing list
[email protected]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
_______________________________________________
Pdns-users mailing list
[email protected]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
--
http://www.ciuly.com
No virus found in this outgoing message.
Checked by AVG - www.avg.com
Version: 8.5.392 / Virus Database: 270.13.38/2274 - Release Date: 07/31/09
05:58:00
_______________________________________________
Pdns-users mailing list
[email protected]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
