[Pdns-users] dig doesn't work after adding SPF record

shion svenbroeske at web.de
Fri Jul 31 15:04:25 UTC 2009 

Hi folks,

I have added a domain in my nameserver with the following configuration:
SOA	ns.inwx.de foo at bar.de 2009073103
NS	ns.inwx.de
NS	ns2.inwx.de
NS	ns3.inwx.de

After this I have checked the entries with dig, that everything is correct.

-----------------------------------------------------------------
$ dig @ns.inwx.de spf-record-test.de ANY

; <<>> DiG 9.5.1-P2 <<>> @ns.inwx.de spf-record-test.de ANY
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42148
;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 3
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;spf-record-test.de.            IN      ANY

;; ANSWER SECTION:
spf-record-test.de.     3600    IN      NS      ns.inwx.de.
spf-record-test.de.     3600    IN      NS      ns2.inwx.de.
spf-record-test.de.     3600    IN      SOA     ns.inwx.de. foo at bar.de.
2009073103 10800 3600 604800 3600
spf-record-test.de.     3600    IN      NS      ns3.inwx.de.

;; ADDITIONAL SECTION:
ns3.inwx.de.            3600    IN      A       217.20.112.194
ns2.inwx.de.            3600    IN      A       213.239.206.103
ns.inwx.de.             3600    IN      A       217.70.142.66

;; Query time: 26 msec
;; SERVER: 217.70.142.66#53(217.70.142.66)
;; WHEN: Fri Jul 31 16:09:54 2009
;; MSG SIZE  rcvd: 181
-----------------------------------------------------------------

Next step..
Now I have added a SPF record.
SPF	v=spf1 -all

And checked the entries with dig again.

-----------------------------------------------------------------
$ dig @ns.inwx.de spf-record-test.de ANY

; <<>> DiG 9.5.1-P2 <<>> @ns.inwx.de spf-record-test.de ANY
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 54903
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;spf-record-test.de.            IN      ANY

;; Query time: 27 msec
;; SERVER: 217.70.142.66#53(217.70.142.66)
;; WHEN: Fri Jul 31 16:12:29 2009
;; MSG SIZE  rcvd: 36
-----------------------------------------------------------------

After adding a SPF record, it isn't possible to dig the domain.
I don't get any records of the domain. After removing the SPF record it is
possible again.
It seems to be a problem with pdns and SPF records.

Furthermore it seems that some mailservers can't deliver e-mails because the
nameserver lookup deferred, if the SPF record is set.

Does somebody know, what I can do to solve the problem?
Or maybe it is a bug?!

The used pdns-server version is 2.9.22-1.

$ dig -v
DiG 9.5.1-P2

Thanks,

shion
-- 
View this message in context: http://www.nabble.com/dig-doesn%27t-work-after-adding-SPF-record-tp24757839p24757839.html
Sent from the PowerDNS mailing list archive at Nabble.com.

More information about the Pdns-users mailing list