Mobile app version of vmapp.org
Login or Join
Rivera981

: TXT vs SPF record for Google servers SPF record, either or both? According to Google’s documentation, https://support.google.com/a/bin/answer.py?hl=en&answer=178723 It clearly says Create a TXT

@Rivera981

Posted in: #Dns

According to Google’s documentation, support.google.com/a/bin/answer.py?hl=en&answer=178723
It clearly says Create a TXT record containing this text: v=spf1 include:_spf.google.com ~all

Why is this not a SPF record?

RFC4408 defines SPF records, but it seems it’s not really used tools.ietf.org/html/rfc4408#section-3.1.1
Is that right? Should I create both TXT and SPF ?

Thanks

10.04% popularity Vote Up Vote Down


Login to follow query

More posts by @Rivera981

4 Comments

Sorted by latest first Latest Oldest Best

 

@Holmes151

I realize this is a fairly old question, but in case anyone else stumbles upon it, here is what I found. It appears that the SPF record type is now obselete. See:


Studies have shown that RRTYPE 99 has not seen any substantial use, and in fact its existence and mechanism defined in [RFC4408] has led to some interoperability issues. Accordingly, its use is now obsolete, and new implementations are not to use it.


From: tools.ietf.org/html/draft-ietf-spfbis-4408bis-15#section-13.1
See also a post on cPanel's feature request forum on this topic.

10% popularity Vote Up Vote Down


 

@Karen161

Considering that it is now 7 years after the RFC was published, I say that anyone still using DNS servers that can't handle unknown RRtypes is basically THEIR problem for not keeping software up to date. (Also consider that by not upgrading, how many know exploits for which they remain vulnerable). RFC 4408 said that the overloading of the TXT RRtype was a temporary measure until the IANA issued the SPF RRtype (type 99), which also happened 7 years ago.

Therefore, I say that use of the TXT RRtype for SPF purposes expired long ago. People running resolvers which check only for the TXT type are broken.

I disagree that the SPF RRtype didn't "add value." It keeps machine processible data OUT of a human readable DNS RRtype.

10% popularity Vote Up Vote Down


 

@Goswami781

I would create both, since you have that ability. After you done, you can send and email to "mailtest@unlocktheinbox.com", it will auto-respond and give you a complete diagnosis of the email you sent letting you know, if you have everything set up correctly.

10% popularity Vote Up Vote Down


 

@Turnbaugh106

Please read status of RFC4408 "Category: Experimental" and definition of this status.

Also, from RFC


It is recognized that the current practice (using a TXT record) is not optimal, but it is necessary because there are a number of DNS server and resolver implementations in common use that cannot handle the new RR type.


and, after all, SPF RR haven't any added value, compared to TXT version

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme