Mailing List Archive: TXT record too long

TXT record too long

Jul 29, 2004, 7:36 AM

Post #1 of 6 (3910 views)

OK - we have several email servers so I'm trying to setup my SPF records as follows:

sdm3.com TXT v=spf1 ip4:66.179.69.14 ip4:66.179.69.16 ip4:66.179.69.17 ip4:66.179.69.18 ip4:66.179.69.19 ip4:66.179.69.20 ip4:66.179.69.21 ip4:66.179.69.22 ip4:66.179.69.25 ip4:66.179.69.26 ip4:66.179.69.27 ip4:66.179.69.28 ip4:66.179.69.29 spf1 ip4:66.179.69.32 ip4:66.179.69.58 ip4:66.179.69.59 ip4:66.179.69.132 ip4:66.179.69.140 ip4:66.179.69.141 ip4:66.179.69.148 ip4:66.179.69.156 -all

However...this is too long and my DNS won't allow it - how can I split this up? Or do I even need to list out all of my email servers IP's like this?

thks

p.s. Sorry if this is a dumb question...I'm very new to this...

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Re: TXT record too long [ In reply to ]

ml-daniel at lorch

Jul 29, 2004, 7:46 AM

Post #2 of 6 (3894 views)

Permalink

Hi

> sdm3.com TXT v=spf1 ip4:66.179.69.14 ip4:66.179.69.16 ip4:66.179.69.17
> ip4:66.179.69.18 ip4:66.179.69.19 ip4:66.179.69.20 ip4:66.179.69.21
> ip4:66.179.69.22 ip4:66.179.69.25 ip4:66.179.69.26 ip4:66.179.69.27
> ip4:66.179.69.28 ip4:66.179.69.29 spf1 ip4:66.179.69.32 ip4:66.179.69.58
> ip4:66.179.69.59 ip4:66.179.69.132 ip4:66.179.69.140 ip4:66.179.69.141
> ip4:66.179.69.148 ip4:66.179.69.156 -all
>
> However...this is too long and my DNS won't allow it - how can I split this
> up? Or do I even need to list out all of my email servers IP's like this?

Try grouping together mailservers using CIDR notation. You might allow more
IPs than you want, but a /24 is still less than "the whole internet".

Daniel

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

RE: TXT record too long [ In reply to ]

kelly.gettings at smartdm

Jul 29, 2004, 7:46 AM

Post #3 of 6 (3870 views)

Permalink

Thanks Daniel - I think that will do the trick - don't know why I didn't think of this :)

-----Original Message-----
From: Daniel Lorch [mailto:ml-daniel@lorch.cc]
Sent: Thursday, July 29, 2004 9:46 AM
To: spf-help@v2.listbox.com
Subject: Re: [spf-help] TXT record too long

Hi

> sdm3.com TXT v=spf1 ip4:66.179.69.14 ip4:66.179.69.16 ip4:66.179.69.17
> ip4:66.179.69.18 ip4:66.179.69.19 ip4:66.179.69.20 ip4:66.179.69.21
> ip4:66.179.69.22 ip4:66.179.69.25 ip4:66.179.69.26 ip4:66.179.69.27
> ip4:66.179.69.28 ip4:66.179.69.29 spf1 ip4:66.179.69.32 ip4:66.179.69.58
> ip4:66.179.69.59 ip4:66.179.69.132 ip4:66.179.69.140 ip4:66.179.69.141
> ip4:66.179.69.148 ip4:66.179.69.156 -all
>
> However...this is too long and my DNS won't allow it - how can I split this
> up? Or do I even need to list out all of my email servers IP's like this?

Try grouping together mailservers using CIDR notation. You might allow more
IPs than you want, but a /24 is still less than "the whole internet".

Daniel

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Re: TXT record too long [ In reply to ]

bortzmeyer at nic

Jul 29, 2004, 7:50 AM

Post #4 of 6 (3924 views)

Permalink

On Thu, Jul 29, 2004 at 09:36:58AM -0500,
Kelly Gettings <kelly.gettings@smartdm.com> wrote
a message of 15 lines which said:

> sdm3.com TXT v=spf1 ip4:66.179.69.14 ip4:66.179.69.16 ip4:66.179.69.17 ip4:66.179.69.18 ip4:66.179.69.19 ip4:66.179.69.20 ip4:66.179.69.21 ip4:66.179.69.22 ip4:66.179.69.25 ip4:66.179.69.26 ip4:66.179.69.27 ip4:66.179.69.28 ip4:66.179.69.29 spf1 ip4:66.179.69.32 ip4:66.179.69.58 ip4:66.179.69.59 ip4:66.179.69.132 ip4:66.179.69.140 ip4:66.179.69.141 ip4:66.179.69.148 ip4:66.179.69.156 -all

They do not appear to be aggregable, unfortunately. So, a possible solution:

v=spf1 mx/24

Too wide, but it is better than nothing.

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Re: TXT record too long [ In reply to ]

jesse.thompson at doit

Jul 29, 2004, 8:38 AM

Post #5 of 6 (3871 views)

Permalink

I'm still trying to get a grasp on the finer points of this type of
technology, and this comment is probably more appropriate for the
spf-discuss list, so bear with me.

Is it accurate to say that CallerID/SenderID is not limited by the size
of the record since it allows you to span your record across multiple
DNS entries? So, wouldn't Kelly benefit from the CallerID/SenderID
implementation where she would normally be restricted like this by SPF?

Daniel Lorch wrote:

> Hi
>
>
>>sdm3.com TXT v=spf1 ip4:66.179.69.14 ip4:66.179.69.16 ip4:66.179.69.17
>>ip4:66.179.69.18 ip4:66.179.69.19 ip4:66.179.69.20 ip4:66.179.69.21
>>ip4:66.179.69.22 ip4:66.179.69.25 ip4:66.179.69.26 ip4:66.179.69.27
>>ip4:66.179.69.28 ip4:66.179.69.29 spf1 ip4:66.179.69.32 ip4:66.179.69.58
>>ip4:66.179.69.59 ip4:66.179.69.132 ip4:66.179.69.140 ip4:66.179.69.141
>>ip4:66.179.69.148 ip4:66.179.69.156 -all
>>
>>However...this is too long and my DNS won't allow it - how can I split this
>>up? Or do I even need to list out all of my email servers IP's like this?
>
>
> Try grouping together mailservers using CIDR notation. You might allow more
> IPs than you want, but a /24 is still less than "the whole internet".
>
> Daniel
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your subscription,
> please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>

--
-- Jesse Thompson
-- Division of Information Technology
-- University of Wisconsin - Madison
--

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Re: TXT record too long [ In reply to ]

nobody at xyzzy

Jul 29, 2004, 3:01 PM

Post #6 of 6 (3856 views)

Permalink

Stephane Bortzmeyer wrote:

>> v=spf1 ip4:66.179.69.14
>> ip4:66.179.69.16 ip4:66.179.69.17
>> ip4:66.179.69.18 ip4:66.179.69.19
>> ip4:66.179.69.20 ip4:66.179.69.21
>> ip4:66.179.69.22
>> ip4:66.179.69.25
>> ip4:66.179.69.26 ip4:66.179.69.27
>> ip4:66.179.69.28 ip4:66.179.69.29
>> ip4:66.179.69.32
>> ip4:66.179.69.58 ip4:66.179.69.59
>> ip4:66.179.69.132
>> ip4:66.179.69.140 ip4:66.179.69.141
>> ip4:66.179.69.148
>> ip4:66.179.69.156 -all

> They do not appear to be aggregable, unfortunately.

Your solution mx/24 or ip4:66.179.69.0/24 is probably the best.

But in theory you could always replace pairs of any "even" IP
and the next "odd" IP by e.g. ip4:66.179.69.140/31 (this saves
15 characters for 141), or in the case of ip4:66.179.69.16/30
you could even combine four IPs (16..19, saving 45 char.s)

Bye, Frank

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com