Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[baris]

I have to add around 28-30 IPs to a subdomain's SPF record... But my dns hosting provider does not support DNS records more than 250 characters..

Can I split SPF records into multiple parts? How can I add 30 IPs into a SPF record?

Thanks!
Baris

[CaLViN]

Hi,
You can use "include".
Example:

"v=spf1 a mx ip4:75.126.50.50 include:spf1.domain.com include:spf2.domain.com include:spf3.domain.com include:spf4.domain.com -all"

[baris]

But if you include sub.domain.com for the spf record of sub.domain.com, SPF fails due to a circular reference (loop)...  Any ideas to workaround this?

[CaLViN]

Suppose that you have 30 unique ips from different classes.

Your spf record would be like :


"v=spf1 a mx ip4:75.126.50.50 include:spf1.domain.com include:spf2.domain.com include:spf3.domain.com include:spf4.domain.com  include:spf5.domain.com -all"

Then you may add 6 records(ips) per spf record.

Your spf record for spf1.domain.com would be like :

"v=spf1 a mx ip4:75.126.50.50 ip4:85.126.50.50 ip4:95.126.50.50 ip4:45.126.50.50 ip4:65.126.50.50 ip4:25.126.50.50  -all"

You would do that for the rest of the records.

There is nothing recursive here.

[baris]

I have 1 subdomain and 30 different IP addresses.. That's why I'm having hard times configuring my SPF.

In your approach, do you recommend creating A records just for SPF setup, and group several IPs in spf A records, and then include the A records in the main SPF ?

[CaLViN]

Baris,
Those ips are on different C classes ?
Or on the same B or A ?

[baris]

Almost all in different classes, totally random IPs.

[CaLViN]

Okey then you should do as i have instructed on my previos message.
I think your mind is mixed up cos i have used subdomains,you couldnt get the logic.
With include directive,you can get any domains spf record included on your domain.


mydomain.com SPF record shall be :

"v=spf1 a mx ip4:75.126.50.50 include:killme.com include:loveme.com include:biteme.com include:kissme.com  include:weareallcrazy.com -all"

[luca.rea]

When you define spf you must not add "include" for the (sub)domain itself into the record

[baris]

Do I need MX or A records for those spf1.domain.com/spf2.domain.com settings? Or just TXT settings will be enough?

[CaLViN]

Do I need MX or A records for those spf1.domain.com/spf2.domain.com settings? Or just TXT settings will be enough?

Just txt records like you do on your main domain.

[baris]

Thanks, I completed the setup and waiting for a dns update, I'll test after that..

[baris]

I have a problem with this SPF setup:

Found v=spf1 record for bounces.directiq.com:
v=spf1 a mx include:spf1.directiq.com include:spf2.directiq.com include:spf3.directiq.com include:spf4.directiq.com include:spf5.directiq.com include:spf6.directiq.com ~all

evaluating...
Results - PermError SPF Permanent Error: Too many DNS lookups

[luca.rea]

Can you post all SPF records?

[baris]

I decided to use a /16 setting for all my IP range, thanks for all the help offers..