[colug-432] SPF and other stuff for personal domains
Rob Funk
rfunk at funknet.net
Mon Feb 13 12:07:29 EST 2017
On Monday, February 13, 2017 10:26:12 AM EST, Rick Troth wrote:
> ip4:198.178.231.250
> ip4:174.105.80.118
> mean that 198.178.231.250 and 174.105.80.118 are explicitly okay as senders
> And here I really should add some IP6 entries since I claim to
> be so fond of IPv6. But how long can a TXT record be? Or can we
> have multiple TXT records serving SPF? This particular mechanism
> maybe doesn't scale as well as the others.
The initial length limit on TXT records is that a single "string" in a TXT
record is limited to 255 characters. However, multiple "strings" can be
concatenated together, up to a 64k limit. The other major limit that
applies (and is often a relevant factor for DKIM) is UDP; a DNS record
longer than 512 bytes won't fit in a UDP packet, requiring a retry in TCP.
Some DNS clients don't do TCP, and even among those that do, adding a TCP
handshake adds time to the query.
> Question: can I use DKIM with Postfix? or even with Sendmail?
> Or what MTA do y'all use?
Yes you can, in fact with the same "milter" mechanism for both Postfix and
Sendmail. You set up a daemon like opendkim that understands how to filter
mail as a "milter", and tell Postfix/Sendmail to filter mail through it.
- Rob
More information about the colug-432
mailing list