TXT & SPF Records

TXT RECORD :

A TXT record allows an administrator to insert arbitrary text into a DNS record. For example, this record is used to implement the Sender Policy Framework and DomainKeys specifications.
TXT record belongs in the zone data file for subdomain, not in the parent zone.

Example :


dnsmadeeasy.com. TXT IN 1800 “v=spf1 a mx ip4:66.117.40.198/32 ip4:205.234.170.0/24 ip4:64.246.42.123/32 ip4:64.246.42.203/32 ip4:63.219.151.0/24 include:tiggee.com ~all”

 

SPF POLICY :

Here is an example to give you an idea of how SPF works :

example.net. TXT “v=spf1 mx a:pluto.example.net include:gmail.com -all”

The parts of the SPF record mean the following:

  • v=spf1 - SPF version 1
  • 'mx' - the incoming mail servers (MXes) of the domain are authorized to also send mail for example.net
  • a:pluto.example.net - the machine pluto.example.net is authorized, too
  • include:gmail.com - everything considered legitimate by gmail.com is legitimate for example.net, too
  • all - all other machines are not authorized

Domains identify the machines authorized to send e-mail on their behalf. They do this by adding an additional record to their existing DNS information.

Receivers can request and use SPF information. They use ordinary DNS queries, which are typically cached to enhance performance. Receivers then interpret the SPF information as specified and act upon the result.


Please Note : The key issue in SPF is the specification for the new DNS information that domains set and receivers use. The records are laid out like this (in typical DNS-syntax):

example.org. IN TXT “v=spf1 a mx -all”

“v=” defines the version of SPF used, the following words provide mechanisms to use to determine if a domain is eligible to send mail. The “a” and “mx” specify the systems permitted to send messages for the given domain. The “-all” at the end specifies that, if the previous mechanisms did not match, the message should be rejected.