<optional> check-mx-cname ( <replaceable>warn</replaceable> | <replaceable>fail</replaceable> | <replaceable>ignore</replaceable> ); </optional>
<optional> check-srv-cname ( <replaceable>warn</replaceable> | <replaceable>fail</replaceable> | <replaceable>ignore</replaceable> ); </optional>
<optional> check-sibling <replaceable>yes_or_no</replaceable>; </optional>
- <optional> check-spf ( <replaceable>warn</replaceable> | <replaceable>fail</replaceable> | <replaceable>ignore</replaceable> ); </optional>
+ <optional> check-spf ( <replaceable>warn</replaceable> | <replaceable>ignore</replaceable> ); </optional>
<optional> allow-new-zones { <replaceable>yes_or_no</replaceable> }; </optional>
<optional> allow-notify { <replaceable>address_match_list</replaceable> }; </optional>
<optional> allow-query { <replaceable>address_match_list</replaceable> }; </optional>
The default is <command>yes</command>.
</para>
<para>
- Check that the two forms of Sender Policy Framework
- records (TXT records starting with "v=spf1" and SPF) either
- both exist or both don't exist. Warnings are
- emitted it they don't and be suppressed with
+ The use of the SPF record for publishing Sender
+ Policy Framework is deprecated as the migration
+ from using TXT records to SPF records was abandoned.
+ Enabling this option also checks that a TXT Sender
+ Policy Framework record exists (starts with "v=spf1")
+ if there is an SPF record. Warnings are emitted if the
+ TXT record does not exist and can be suppressed with
<command>check-spf</command>.
</para>
</listitem>
<term><command>check-spf</command></term>
<listitem>
<para>
- When performing integrity checks, check that the
- two forms of Sender Policy Framwork records (TXT
- records starting with "v=spf1" and SPF) both exist
- or both don't exist and issue a warning if not
- met. The default is <command>warn</command>.
+ If <command>check-integrity</command> is set then
+ check that there is a TXT Sender Policy Framework
+ record present (starts with "v=spf1") if there is an
+ SPF record present. The default is
+ <command>warn</command>.
</para>
</listitem>
</varlistentry>
<optional> check-names (<constant>warn</constant>|<constant>fail</constant>|<constant>ignore</constant>) ; </optional>
<optional> check-mx (<constant>warn</constant>|<constant>fail</constant>|<constant>ignore</constant>) ; </optional>
<optional> check-wildcard <replaceable>yes_or_no</replaceable>; </optional>
- <optional> check-spf ( <replaceable>warn</replaceable> | <replaceable>fail</replaceable> | <replaceable>ignore</replaceable> ); </optional>
+ <optional> check-spf ( <replaceable>warn</replaceable> | <replaceable>ignore</replaceable> ); </optional>
<optional> check-integrity <replaceable>yes_or_no</replaceable> ; </optional>
<optional> dialup <replaceable>dialup_option</replaceable> ; </optional>
<optional> file <replaceable>string</replaceable> ; </optional>
projects / thirdparty / bind9.git / commitdiff
