Re: [dnsext] loads of TXT records for fun and profit

Phil Pennock <namedroppers+phil@spodhuis.org> Fri, 03 May 2013 23:33 UTC

Date: Fri, 03 May 2013 18:00:31 -0400
From: Phil Pennock <namedroppers+phil@spodhuis.org>
To: David Conrad <drc@virtualized.org>
Message-ID: <20130503220031.GA23507.take2@redoubt.spodhuis.org>
References: <80ADB3EE-17FD-4628-B818-801CB71BCBFE@virtualized.org> <alpine.BSF.2.00.1304242309150.38677@joyce.lan> <46778ED3-35A2-44B4-BE3C-AAC4F7B314FF@virtualized.org> <92BBD83F-676D-4B05-B927-4101DD5CAD3E@neustar.biz> <DC121025-A014-492B-AFAD-22CDE49D866E@rfc1035.com> <CAMm+Lwi4MAjX8BAk_ro9usf6AJo=1UERhGBJ1rUa-AbrX09dqg@mail.gmail.com> <E5E3F801-6490-48A8-A12F-A6561893D78A@icsi.berkeley.edu> <D00A1E79-40F2-4EFF-975C-8618C7AC750A@virtualized.org> <20130503203921.GA22566@redoubt.spodhuis.org> <EB1F5846-C500-4277-90EA-CF37923A0212@virtualized.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <EB1F5846-C500-4277-90EA-CF37923A0212@virtualized.org>
Cc: dnsext@ietf.org
Subject: Re: [dnsext] loads of TXT records for fun and profit
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 May 2013 23:33:04 -0000

On 2013-05-03 at 14:01 -0700, David Conrad wrote:
> Phil,
> 
> On May 3, 2013, at 1:39 PM, Phil Pennock <namedroppers+phil@spodhuis.org> wrote:
> > That is not my understanding as a reader of RFC4408 and as someone who
> > worked with the coder (and documented the results) for the handling of
> > TXT records in a widespread MTA to be as flexible as possible and to
> > support SPF-style lookups.
>
> Last sentence of RFC 4408, section 3.1.3:
>
> "  SPF or TXT records containing multiple strings are useful in
>    constructing records that would exceed the 255-byte maximum length of
>    a string within a single TXT or SPF RR record."
>
> Sure sounds to me like 4408 anticipates multiple TXT RRs.

One TXT RR contains one or more strings, each of maximum length 255.

To rip an example I wrote for Exim docs:
   
      foo.example.  IN TXT "a" "b" "c"
      foo.example.  IN TXT "d" "e" "f"

      ${lookup dnsdb{>/ txt=foo.example}}   -> "a/d"
      ${lookup dnsdb{>/; txt=foo.example}}  -> "def/abc"
      ${lookup dnsdb{>/,+ txt=foo.example}} -> "a+b+c/d+e+f"

That's two RRs, each with three strings.

You can also look up spftest$N.test.globnix.net for N in 1..6 for more
examples.  N 2, 3 and 6 are most relevant.  (Both SPF=99 and TXT records
are present.)

spftest6 is fun, in that it breaks into multiple strings in the middle
of "v=spf1", which is absolutely allowed by the SPF specification.

-Phil
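[Editor's worked example, not part of Phil's message or of Exim's code. The point above is the distinction between "strings within one TXT RR" (joined with no separator by an SPF checker, per RFC 4408 section 3.1.3, so a split inside "v=spf1" is harmless) and "several TXT RRs at one name" (never joined). The Python below models exactly that: it encodes and decodes TXT RDATA as the length-prefixed character-strings RFC 1035 defines, joins per RR, and selects SPF records by the version tag. Function names are mine; the third RR in the sample is constructed to split inside the version tag the way spftest6 is described as doing, and is NOT the real content of spftest6.test.globnix.net.]

```python
"""Model of how TXT RDATA carries multiple <character-string>s and how an
SPF checker (RFC 4408 section 3.1.3) joins them.  Added example, not code
from the thread or from Exim; the helper names are mine."""
from typing import List

MAX_CHARSTRING = 255  # RFC 1035 section 3.3: one length octet, so 0..255 data octets


def encode_txt_rdata(strings: List[str]) -> bytes:
    """Encode a list of strings as TXT RDATA: each <character-string> is a
    one-octet length followed by that many octets.  Refuses what a master
    file would also reject (a single string longer than 255 octets)."""
    out = bytearray()
    for s in strings:
        data = s.encode("ascii")
        if len(data) > MAX_CHARSTRING:
            raise ValueError("character-string longer than 255 octets: %r" % s[:20])
        out.append(len(data))
        out += data
    return bytes(out)


def decode_txt_rdata(rdata: bytes) -> List[str]:
    """Split TXT RDATA back into its <character-string>s, checking that every
    length octet is backed by enough data (truncated RDATA is a parse error,
    not a silently shortened string)."""
    strings = []
    i = 0
    while i < len(rdata):
        n = rdata[i]
        i += 1
        if i + n > len(rdata):
            raise ValueError("truncated character-string at offset %d" % (i - 1))
        strings.append(rdata[i:i + n].decode("ascii"))
        i += n
    return strings


def join_rr(rdata: bytes) -> str:
    """RFC 4408 3.1.3: the strings of ONE RR are concatenated with no
    separator, so the split may fall anywhere, even inside 'v=spf1'."""
    return "".join(decode_txt_rdata(rdata))


def split_for_publication(record: str, width: int = MAX_CHARSTRING) -> List[str]:
    """Chop a long SPF record into strings of at most `width` octets for ONE
    TXT RR; the publisher must do this, and the receiver's join_rr undoes it."""
    return [record[i:i + width] for i in range(0, len(record), width)]


def select_spf(rrset: List[bytes]) -> List[str]:
    """RFC 4408 4.5: per RR, join the strings, then keep records whose text is
    'v=spf1' followed by a space or end-of-record.  Strings from different RRs
    are never combined, so ["a","b","c"] and ["d","e","f"] stay two records."""
    kept = []
    for rdata in rrset:
        text = join_rr(rdata)
        if text == "v=spf1" or text.startswith("v=spf1 "):
            kept.append(text)
    return kept


# Constructed sample RRset: the two foo.example RRs from the message plus a
# third, constructed RR whose split falls inside the version tag.  This is
# NOT the content of spftest6.test.globnix.net, only the same kind of split.
SAMPLE_RRSET = [
    encode_txt_rdata(["a", "b", "c"]),
    encode_txt_rdata(["d", "e", "f"]),
    encode_txt_rdata(["v=sp", "f1 ip4:192.0.2.0/24 -all"]),
]


def demo() -> dict:
    """Return the per-RR view so 'strings in an RR' versus 'RRs in an RRset'
    is visible side by side."""
    return {
        "strings_per_rr": [decode_txt_rdata(r) for r in SAMPLE_RRSET],
        "joined_per_rr": [join_rr(r) for r in SAMPLE_RRSET],
        "spf_records": select_spf(SAMPLE_RRSET),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Running it shows the two foo.example RRs joining to "abc" and "def" (two records, never "abcdef"), and the split-tag RR joining to a valid "v=spf1 ..." record. Note the decoder treats a length octet that runs past the end of the RDATA as an error rather than returning a short string; a checker that does otherwise can be fed a record whose parsed text differs from what the publisher intended.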