Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Wednesday, August 7, 2013 11:43 PM
HI,
How many character can I add in TXT SPF record? As I know the answer is 256, is this correct.
I have an issue when I create SPF record to domain xxx.com that I have 18 servers on different site use the same SMTP domain so if I create the SPF record using IPV4 format the number of character will exceed the limit.
The output of nslookup for SPF will be as two line with > symbol. With www.dnsquery.org it will be empty
Unfortunately I tried to combine IP with subnet mask without luck and we don't want to use PRT or A mechanism because we have A records for NON exchange server
Can I divide the exchange servers on two TXT file on same DNS zone?
Any Clue?
Best Regards, Fadi.F.Haddad
All replies (6)
Monday, August 12, 2013 6:47 AM âś…Answered
Thanks Jerry .
one more question regarding the article shall use software to concatenate two SPF record or the key world is firstseconed without space
i found that we can create two spf record on same DNZ zone then use include option as below
The solution to this is called: include
An example:
@ IN TXT "v=spf1 include:_spf1.myhost.com include:_spf2.myhost.com a mx ?all"
_spf1 IN TXT "v=spf1 ip4:244.11.23.13 ip4:144.21.23.13 a mx ?all"
_spf2 IN TXT "v=spf1 ip4:222.11.11.13 ip4:244.182.23.191 ip4:203.101.22.13 a mx ?a
which option is recommend?
Best Regards, Fadi.F.Haddad
Sunday, August 11, 2013 3:20 PM
Hi,
Please check if the following article is helpful.
https://kb.isc.org/article/AA-00356/0/Can-I-have-a-TXT-or-SPF-record-longer-than-255-characters.html
Best Regards Jeremy Wu
Sunday, August 11, 2013 3:29 PM
You can have multiple SPF records for different allowed hosts.
v=spf1 ip4:10.10.10.10/32 -all
But why don't you just do something like:
v=spf1 MX mx:mail.contoso.com -all
MCITP-EA | "Never test how deep the water is with both feet"
Monday, August 12, 2013 5:44 AM
Thanks Ryan..
we can't use MX mechanism because our servers use different IP address to send .
I tried to use Subnet for but still the SPF record will be longer than 255 charterers
Best Regards, Fadi.F.Haddad
Wednesday, August 14, 2013 12:09 PM
Include mechanism as above example solve the issue
Best Regards, Fadi.F.Haddad
Thursday, August 15, 2013 2:35 AM
Hi,
Glad to hear that the issue has been resolved.
Cheers!