SPF TXT Records not fully supported

Started by CyberOdin, January 02, 2005, 01:42:32 PM


CyberOdin

Hello,

today I tried to create the following SPF record ...

"v=spf1 ip4:192.168.120.0/24 mx a:smtp.abyssworld.de mx:smtp.abyssworld.de ?all"      IN      TXT     @

Unfortunately, because of the slash (/) sign, the TXT record won't be created. According to ...

-> http://tinyurl.com/48xjz (Example #3)

... this is at least valid SPF syntax.
--
Mit freundlichen Gruessen / With kind regards
Daniel S. Haischt

Want a complete signature??? Type at a shell prompt:
$ > finger -l haischt@daniel.stefan.haischt.name

etherealnet

Here is a patch for NicToolServer/Zone/Record/Sanity.pm which allows the "/" for spf records. Address field must begin with v=spf1.

--- Sanity.pm.bak       2005-03-24 17:07:23.750131888 -0500
+++ Sanity.pm   2005-03-24 17:14:02.723478720 -0500
@@ -114,7 +114,7 @@
            push(@{ $self->{'error_messages'} }, "absolute host names are NOT allowed. Remove the dot and the host will automatically livewithin the current zone.");
        }
    }
-    if ($data->{'address'}!~/in-addr\.arpa\.$/i and $data->{'address'} =~ /\//){
+    if ($data->{'address'}!~/in-addr\.arpa\.$/i and $data->{'address'}!~/^v=spf1/i and $data->{'address'} =~ /\//){
        $self->{'errors'}->{'address'} = 1;
        push(@{ $self->{'error_messages'} }, "invalid character in record address '/'.  Not allowed in non-reverse-lookup addresses");
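
Review bot: the new `!~/^v=spf1/i` test in the changed condition matches on the prefix alone, so a value such as `v=spf10/x` or `v=spf1foo/bar` also skips the slash check. Require a delimiter after the version tag, for example `/^v=spf1(?:\s|$)/i`, so that only a value starting with the actual SPF version token gets the exemption.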

etherealnet

Need to check for colons in the address as well, tiny no likey colons. Use this patch, not previous.


--- Sanity.pm.dist      2005-03-24 17:07:23.750131888 -0500
+++ Sanity.pm   2005-03-25 11:49:33.906392304 -0500
@@ -114,7 +114,7 @@
            push(@{ $self->{'error_messages'} }, "absolute host names are NOT allowed. Remove the dot and the host will automatically livewithin the current zone.");
        }
    }
-    if ($data->{'address'}!~/in-addr\.arpa\.$/i and $data->{'address'} =~ /\//){
+    if ($data->{'address'}!~/in-addr\.arpa\.$/i and $data->{'address'}!~/^v=spf1/i and $data->{'address'} =~ /\//){
        $self->{'errors'}->{'address'} = 1;
        push(@{ $self->{'error_messages'} }, "invalid character in record address '/'.  Not allowed in non-reverse-lookup addresses");
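
Review bot: the `^v=spf1` exemption in the changed `if` looks only at `$data->{'address'}`, so a record of any type whose address starts with `v=spf1` is now allowed to contain `/`. Gate the exemption on the record type being TXT as well. Note that `$data->{'type'}` is upper-cased only further down in this routine (the `tr/a-z/A-Z/` line in the next hunk's context), so a type comparison placed here has to be case-insensitive, or the normalisation has to move above this check.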

@@ -125,6 +125,11 @@
               push(@{ $self->{'error_messages'} }, "invalid character in record address -- $1");
        };
    }
+
+#colons break things, replace them with their octal value
+    if($data->{'address'} =~ /:/) {
+       $data->{'address'} =~ s/:/\\072/g;
+       }

    if($data->{'type'}){
        $data->{'type'} =~ tr/a-z/A-Z/; # make form input upper case, so following checks catch
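
Review bot: the added `s/:/\\072/g` block runs for every record, not only for SPF/TXT ones, and it rewrites `$data->{'address'}` inside a sanity check, so the value that leaves validation silently differs from what the user entered. Restrict it to the record types that need it, or leave the address untouched here and apply the `\072` escaping at the point where the data is written out in the format that cannot take a colon. The surrounding `if ($data->{'address'} =~ /:/)` is redundant, since the substitution is a no-op when there is no colon, and the comment "colons break things" should name what breaks so the next reader knows why the value is altered.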