Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. SPF>
  3. Devel
Split text records and SPF
wechsler at phase
Jan 23, 2004, 3:39 AM
Post #1 of 5 (4459 views)
Permalink
A very kind friend of mine has just given me a patch to allow PHP to
gather TXT records directly (without shelling to /usr/bin/sh), so I hope
the load and responsiveness of the infinitepenguins sites will improve
shortly.

However this brings me back to a problem I've noted in fetching SPF
records: The following mail explains it:

> > Hi, I'm using djbdns and it automatically splits long TXT records
> > into 127 byte chunks:
> >
> > kabbalah.com. 86400 IN TXT "v=spf1 mx ptr
> > mx:kabbalah.com ip4:64.239.129.96/27 ip4:208.179.200.0/27
> > ip4:208.179.207.32/27 ip4:12.35.200.64/27 ip4:63.212.16" "7.64/27 ?all"

Now it I see a TXT record, I treat it as SPF if it starts with v=spf1,
and I throw it away if it doesn't.

This behaviour of djbdns means that this gives me a truncated record for
the above example:

http://www.infinitepenguins.net/SPF/register.php?domain=kabbalah.com

Previously I tried gluing together subsequent TXT records, but that
meant that valid SPF records were getting other uses of TXT records
appended to them and thus returning trash.

So, folks, what *do* I do?

Wechsler

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@Ë`Ì{5¤¨wâÇSÓ°)h
Re: Split text records and SPF [ In reply to ]
wayne at midwestcs
Jan 23, 2004, 4:57 AM
Post #2 of 5 (4391 views)
Permalink
In <4010F9DA.1040304@phase.org> Wechsler <wechsler@phase.org> writes:

> > > Hi, I'm using djbdns and it automatically splits long TXT records
> > > into 127 byte chunks:

WTF?

Why in the world would djbdns do that?

My immediate reaction is: If you use a broken DNS server, don't
create SPF records that cause it to break.

Does DJB's caching DNS program also break things? If not, then this
is really just a problem for the domain owner.


-wayne

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@Ë`Ì{5¤¨wâÇSÓ°)h
RE: Split text records and SPF [ In reply to ]
lists at mehnle
Jan 23, 2004, 5:06 AM
Post #3 of 5 (4389 views)
Permalink
Wechsler [wechsler@phase.org] wrote:
> > > Hi, I'm using djbdns and it automatically splits long TXT records
> > > into 127 byte chunks:
>
> [...] So, folks, what *do* I do?

Use another DNS server, or restrict yourself to using SPF records below 127 bytes.

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@Ï#ÄÏÉæGã!'Rzš´ˆ»£‡Æ~3com
Re: Split text records and SPF [ In reply to ]
wechsler at phase
Jan 23, 2004, 5:14 AM
Post #4 of 5 (4379 views)
Permalink
Julian Mehnle wrote:

> Wechsler [wechsler@phase.org] wrote:
>
>> > > Hi, I'm using djbdns and it automatically splits long TXT records
>> > > into 127 byte chunks:
>>
>>[...] So, folks, what *do* I do?
>
>
> Use another DNS server, or restrict yourself to using SPF records below 127 bytes.

Rereading my last post, my copy&paste of a third-party email fails to
make clear that I'm asking the question primarily from the other side.

AFAIR all my own SPF records are < 127 bytes. However the SPF Adoption
Roll, and all the other infinitepenguins.net SPF tools (and for that
matter every SPF validator anywhere) need to gather SPF records correctly.

How should these validators handle split records? Trash them, join them,
or just gibber?

If they are an error, how should djbdns users cope? I'm not sure
Julian's answer (although valid) is going to please them.

Wechsler


-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@Ë`Ì{5¤¨wâÇSÓ°)h
Re: Split text records and SPF [ In reply to ]
wayne at midwestcs
Jan 23, 2004, 5:20 AM
Post #5 of 5 (4368 views)
Permalink
In <40111008.1060100@phase.org> Wechsler <wechsler@phase.org> writes:

> How should these validators handle split records? Trash them, join
> them, or just gibber?

Validators should treat them just like the spec says. Don't try to
join them together.

> If they are an error, how should djbdns users cope?

Make sure that the SPF records are short enough not to cause djbdns to
break things. Using the include: mechanism would help in many cases,
although that causes extra lookups. (They should be cached, but
still.)


-wayne



-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@Ë`Ì{5¤¨wâÇSÓ°)h

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal