Mailing List Archive

Non-SPF TXT records and nested includes
Hello there,

There are two TXT records on the domain danskmetal.dk, one of them is a clear
text msg.

The spf record is:
"v=spf1 mx include:hostspf1.danskmetal.dk include:ipspf1.danskmetal.dk
include:extspf1.danskmetal.dk -all"

The other clear text record is:
"This domain hosted by Webhotel.net"

Is the clear text record interfering with the spf?

Another question...

How many levels can nested includes be (includes including includes...)?


Thanks,
Ulrik



-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]

Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com
Re: Non-SPF TXT records and nested includes
"Ulrik la Cour" <ulc@globase.com> wrote:

>Hello there,
>
>There are two TXT record on the domain danskmetal.dk, one of them is a clear
>text msg.
>
>The spf record is:
>"v=spf1 mx include:hostspf1.danskmetal.dk include:ipspf1.danskmetal.dk
>include:extspf1.danskmetal.dk -all"
>
>The other clear text record is:
>"This domain hosted by Webhotel.net"
>
>Is the clear text record interfering with the spf?
>

It should not as long as the records are short enough to fit in a single UDP packet (which seems OK in your example).

>Another question...
>
>How many levels can nested includes be (includes including includes...)?
>
The limit is the total number of DNS lookups; see RFC 4408 paragraph 10.1.

Scott K


Re: Non-SPF TXT records and nested includes
On Tue 18 May 2010 12:00:25 CEST, Ulrik la Cour wrote

> How many levels can nested includes be (includes including includes...)?

as long as dns rr can be, spf on its own has no limit imho on this

the above domain is a valid spf btw, if there was v=spf1 in both txt
records it was invalid

http://old.openspf.org/wizard.html?mydomain=danskmetal.dk&a=no&mx=yes&ptr=no&a_colon=regular+hostnames&mx_colon=domain+names&ip4_colon=IP+addresses&include=extspf1.danskmetal.dk+hostspf1.danskmetal.dk+ipspf1.danskmetal.dk&all=yes&record_so_far=%22v%3Dspf1+mx+include%3Aextspf1.danskmetal.dk+include%3Ahostspf1.danskmetal.dk+include%3Aipspf1.danskmetal.dk+~all%22&use_built_from_args=1


an invalid spf is
http://old.openspf.org/wizard.html?mydomain=cms.mikkelsenmedia.dk

2 v=spf1 and 2 all, invalid, if you press continue on that one the
wizard makes it valid, hard for the domain owner to follow that one

--
xpoint
Re: Non-SPF TXT records and nested includes
"Benny Pedersen" <me@junc.org> wrote:

>On Tue 18 May 2010 12:00:25 CEST, Ulrik la Cour wrote
>
>> How many levels can nested includes be (includes including includes...)?
>
>as long as dns rr can be, spf on its own have no limit imho on this
>
No. RFC 4408 paragraph 10.1 applies to records of type SPF as well as records of type TXT.

Scott K


Re: Non-SPF TXT records and nested includes
>>> How many levels can nested includes be (includes including includes...)?
>> as long as dns rr can be, spf on its own have no limit imho on this
> No. RFC 4408 paragraph 10.1 applies to records of type SPF as well as records
> of type TXT.

I think the problem is a violation of the limit of max. 10 DNS lookups per
SPF check.

"SPF implementations MUST limit the number of mechanisms and modifiers that
do DNS lookups to at most 10 per SPF check, including any lookups caused by
the use of the "include" mechanism or the "redirect" modifier. If this
number is exceeded during a check, a PermError MUST be returned."

Read more: http://www.faqs.org/rfcs/rfc4408.html#ixzz0oHnev1Fh

Danskmetal.dk has 3x includes and "include:hostspf1.danskmetal.dk" has 7x
"a" mechanisms leaving no spare lookups to traverse the necessary number of
includes.

Ulrik


>
> Scott K



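The lookup budget discussed in this thread, as an added example that is not part of any poster's message: a static counter that skips non-SPF TXT strings, rejects a domain with more than one `v=spf1` record, and follows nested `include`/`redirect` terms until the RFC 4408 section 10.1 limit of 10 is exceeded. The `example.org` zone is constructed data shaped like the record in the thread (mx, three includes, seven `a` mechanisms in the first include), and the count is worst case, as if no mechanism matched early.

```python
# Added example: worst-case count of DNS-querying SPF terms (RFC 4408, 10.1).
# ZONE is constructed sample data shaped like the thread's record, not real DNS.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
MAX_LOOKUPS = 10
ZONE = {
    "example.org": [
        "This domain hosted by Webhotel.net",  # non-SPF TXT record, skipped
        "v=spf1 mx include:hostspf1.example.org include:ipspf1.example.org "
        "include:extspf1.example.org -all",
    ],
    "hostspf1.example.org": [
        "v=spf1 " + " ".join(f"a:h{i}.example.org" for i in range(1, 8)) + " -all"
    ],
    "ipspf1.example.org": ["v=spf1 ip4:192.0.2.0/24 -all"],
    "extspf1.example.org": ["v=spf1 ip4:198.51.100.0/24 -all"],
    "dup.example.org": ["v=spf1 mx -all", "v=spf1 a -all"],
}

class PermError(Exception):
    pass

def select_record(domain, zone):
    """Pick the one TXT string that is an SPF record; others are ignored."""
    spf = [t for t in zone.get(domain, []) if t.lower().split(" ")[0] == "v=spf1"]
    if len(spf) != 1:  # simplification: a missing record is also an error here
        raise PermError(f"{domain}: found {len(spf)} v=spf1 records")
    return spf[0]

def count_lookups(domain, zone, used=0):
    """Walk include/redirect chains and return the running lookup count."""
    for term in select_record(domain, zone).split()[1:]:
        term = term.lstrip("+-~?")                      # drop the qualifier
        sep = "=" if term.lower().startswith("redirect=") else ":"
        name, _, arg = term.partition(sep)
        name = name.partition("/")[0].lower()           # "a/24" -> "a"
        if name not in LOOKUP_TERMS:                    # all, ip4, ip6, exp=
            continue
        used += 1
        if used > MAX_LOOKUPS:                          # also stops include loops
            raise PermError(f"more than {MAX_LOOKUPS} lookups at {term!r}")
        if name in ("include", "redirect"):
            used = count_lookups(arg, zone, used)       # nested terms share the budget
    return used

def check(domain, zone=ZONE):
    try:
        return ("ok", count_lookups(domain, zone))
    except PermError as exc:
        return ("permerror", str(exc))
```

`check("example.org")` reports a PermError at the third include, because mx, the first include, its seven `a` mechanisms and the second include already use all ten lookups.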