1 7208:3172 ../spf/spf_test.go:221

2RFC 7208, "Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1", April 2014

3Source of RFC: spfbis (app)

4

5

6Errata ID: 6216

7Status: Reported

8Type: Technical

9Publication Format(s) : TEXT

10Reported By: David Bürgin

11Date Reported: 2020-06-26

12

13Section A.4 says:

14

15ptr._spf.example.com. SPF "v=spf1 -ptr +all"

16

17It should say:

18ptr._spf.example.com. TXT "v=spf1 -ptr:example.com +all"

19

20Notes:

21

22The example in appendix A.4, 'Multiple Requirements Example', does not

23work as intended.

24

25In the example, the SPF record at ptr._spf.example.com contains the

26directive '-ptr'.

27

28When this directive is evaluated, the <target-name> is equal to

29'ptr._spf.example.com'. An input <ip> such as 192.0.2.10, which has a

30PTR record pointing to 'example.com', will fail to match, as that domain

31is not equal to nor a subdomain of 'ptr._spf.example.com'. In other

32words, given the DNS setup of appendix A, there are no inputs that

33fulfil the requirement for matching this ptr mechanism.

34

35The example can be fixed by supplying an appropriate <domain-spec>:

36replace '-ptr' with '-ptr:example.com'.

37

38