[spfbis] guidance on SPF record locations

Danie de Jager <danie.dejager@striata.com> Tue, 28 April 2020 17:28 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/spfbis/tepeumShH-RKBK8M7aOK3Q8TNAE>

Hi,

Our best practice is to add an SPF record to all DNS zones, to either
allow or block the sending of email from that Domain name. This can
create issues when adding SPF records to DKIM selectors so that they
are included. What do you think? Should some domains not have SPF
records?

Sending domains used:
example.com.   IN TXT  "v=spf1 ip4:192.0.2.1 ip4:192.0.2.129 -all"

Domain not sending email.
www.example.com.   IN TXT  "v=spf1 -all"
ftp.example.com.   IN TXT  "v=spf1 -all"

Possible problem domain:
selector._domainkey.example.com.   IN TXT  "v=DKIM1; p=yourPublicKey"
selector._domainkey.example.com.   IN TXT  "v=spf1 -all"

Regards,
Danie de Jager
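
An added example, not part of the original message: a small Python audit over the TXT records quoted above. It selects SPF records by the exact `v=spf1` version match of RFC 7208 section 4.5 and reports owner names where an SPF record shares a TXT RRset with a DKIM key. The zone text is constructed from the message's records, the function names and finding labels are hypothetical, and the DKIM check is a simple heuristic.

```python
import re
from collections import defaultdict

# Constructed sample: the records quoted in the message, with absolute owner names.
ZONE = '''
example.com.                      IN TXT "v=spf1 ip4:192.0.2.1 ip4:192.0.2.129 -all"
www.example.com.                  IN TXT "v=spf1 -all"
ftp.example.com.                  IN TXT "v=spf1 -all"
selector._domainkey.example.com.  IN TXT "v=DKIM1; p=yourPublicKey"
selector._domainkey.example.com.  IN TXT "v=spf1 -all"
'''

LINE = re.compile(r'^(\S+)\s+IN\s+TXT\s+((?:"[^"]*"\s*)+)$')

def parse_txt(zone):
    """Map owner name -> list of TXT values (quoted strings of one record joined)."""
    rrsets = defaultdict(list)
    for raw in zone.splitlines():
        m = LINE.match(raw.strip())
        if m:
            rrsets[m.group(1).lower()].append("".join(re.findall(r'"([^"]*)"', m.group(2))))
    return dict(rrsets)

def is_spf(txt):
    # RFC 7208 section 4.5: version is exactly "v=spf1", then a space or end of record.
    return txt.lower() == "v=spf1" or txt.lower().startswith("v=spf1 ")

def is_dkim_key(txt):
    # Heuristic (assumption): only recognises key records that carry an explicit v=DKIM1 tag.
    return re.match(r"\s*v\s*=\s*DKIM1\b", txt) is not None

def audit(zone):
    """Return owner name -> list of findings (labels are hypothetical)."""
    findings = {}
    for name, txts in parse_txt(zone).items():
        spf = [t for t in txts if is_spf(t)]
        notes = []
        if len(spf) > 1:
            notes.append("multiple SPF records (permerror)")
        if "_domainkey" in name.split(".") and spf:
            notes.append("SPF record at DKIM selector name")
        if spf and any(is_dkim_key(t) for t in txts):
            notes.append("TXT RRset mixes SPF and DKIM key")
        if spf and spf[0].lower().split() == ["v=spf1", "-all"]:
            notes.append("non-sending (-all only)")
        findings[name] = notes
    return findings
```
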