Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: SPF: Devel

Split text records and SPF

  

 
SPF devel RSS feed   Index | Next | Previous | View Threaded


wechsler at phase

Jan 23, 2004, 3:39 AM

Post #1 of 5 (2094 views)
Permalink
Split text records and SPF
A very kind friend of mine has just given me a patch to allow PHP to
gather TXT records directly (without shelling to /usr/bin/sh), so I hope
the load and responsiveness of the infinitepenguins sites will improve
shortly.

However this brings me back to a problem I've noted in fetching SPF
records: The following mail explains it:

> > Hi, I'm using djbdns and it automatically splits long TXT records
> > into 127 byte chunks:
> >
> > kabbalah.com. 86400 IN TXT "v=spf1 mx ptr
> > mx:kabbalah.com ip4:64.239.129.96/27 ip4:208.179.200.0/27
> > ip4:208.179.207.32/27 ip4:12.35.200.64/27 ip4:63.212.16" "7.64/27 ?all"

Now it I see a TXT record, I treat it as SPF if it starts with v=spf1,
and I throw it away if it doesn't.

This behaviour of djbdns means that this gives me a truncated record for
the above example:

http://www.infinitepenguins.net/SPF/register.php?domain=kabbalah.com

Previously I tried gluing together subsequent TXT records, but that
meant that valid SPF records were getting other uses of TXT records
appended to them and thus returning trash.

So, folks, what *do* I do?

Wechsler

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@`{5wSӰ)h


wayne at midwestcs

Jan 23, 2004, 4:57 AM

Post #2 of 5 (2060 views)
Permalink
Re: Split text records and SPF [In reply to]
In <4010F9DA.1040304 [at] phase> Wechsler <wechsler [at] phase> writes:

> > > Hi, I'm using djbdns and it automatically splits long TXT records
> > > into 127 byte chunks:

WTF?

Why in the world would djbdns do that?

My immediate reaction is: If you use a broken DNS server, don't
create SPF records that cause it to break.

Does DJB's caching DNS program also break things? If not, then this
is really just a problem for the domain owner.


-wayne

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@`{5wSӰ)h


lists at mehnle

Jan 23, 2004, 5:06 AM

Post #3 of 5 (2055 views)
Permalink
RE: Split text records and SPF [In reply to]
Wechsler [wechsler [at] phase] wrote:
> > > Hi, I'm using djbdns and it automatically splits long TXT records
> > > into 127 byte chunks:
>
> [...] So, folks, what *do* I do?

Use another DNS server, or restrict yourself to using SPF records below 127 bytes.

-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@#G!'Rz~3com


wechsler at phase

Jan 23, 2004, 5:14 AM

Post #4 of 5 (2047 views)
Permalink
Re: Split text records and SPF [In reply to]
Julian Mehnle wrote:

> Wechsler [wechsler [at] phase] wrote:
>
>> > > Hi, I'm using djbdns and it automatically splits long TXT records
>> > > into 127 byte chunks:
>>
>>[...] So, folks, what *do* I do?
>
>
> Use another DNS server, or restrict yourself to using SPF records below 127 bytes.

Rereading my last post, my copy&paste of a third-party email fails to
make clear that I'm asking the question primarily from the other side.

AFAIR all my own SPF records are < 127 bytes. However the SPF Adoption
Roll, and all the other infinitepenguins.net SPF tools (and for that
matter every SPF validator anywhere) need to gather SPF records correctly.

How should these validators handle split records? Trash them, join them,
or just gibber?

If they are an error, how should djbdns users cope? I'm not sure
Julian's answer (although valid) is going to please them.

Wechsler


-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@`{5wSӰ)h


wayne at midwestcs

Jan 23, 2004, 5:20 AM

Post #5 of 5 (2035 views)
Permalink
Re: Split text records and SPF [In reply to]
In <40111008.1060100 [at] phase> Wechsler <wechsler [at] phase> writes:

> How should these validators handle split records? Trash them, join
> them, or just gibber?

Validators should treat them just like the spec says. Don't try to
join them together.

> If they are an error, how should djbdns users cope?

Make sure that the SPF records are short enough not to cause djbdns to
break things. Using the include: mechanism would help in many cases,
although that causes extra lookups. (They should be cached, but
still.)


-wayne



-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@`{5wSӰ)h

SPF devel RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.