657
661
As an aside, do not have MX records point to CNAMEs.
664
<h2>29. Does MaraDNS have support for SPF?</h2>
666
SPF, or sender policy framework, is method of using DNS that makes
667
it more difficult to forge email. MaraDNS has full support for SPF,
668
both via TXT records and, starting with MaraDNS 1.2.08, via RFC4408
673
SPF configuration is beyond the scope of MaraDNS' documentation. However,
674
at the time of this FAQ entry being written (June, 2006), information
675
and documentation concerning SPF is available at
676
<A href="http://openspf.org">http://openspf.org</A>. The BIND examples
677
will work in MaraDNS csv2 zone files as long as the double quotes (") are
678
replaced by single quotes ('). For example, a SPF TXT record that
679
looks like <tt>example.net. IN TXT "v=spf1 +mx a:colo.example.com/28 -all"</tt>
680
in a BIND zone file will look like
681
<tt>example.net. TXT 'v=spf1 +mx a:colo.example.com/28 -all'</tt> in a
682
MaraDNS zone file. MaraDNS version 1.2.08 and higher can also make
683
the corresponding SPF record, which will have the syntax
684
<tt>example.net. SPF 'v=spf1 +mx a:colo.example.com/28 -all'</tt>.
686
<A name="cname"> </A>
687
<h2>30. I'm having problems resolving CNAMES I have set up.</h2>
689
This is probably because you have set up what MaraDNS calls a dangling CNAME
692
Let us suppose we have a CNAME record without an A record in the local
693
DNS server's database, such as:
696
google.example.com. CNAME www.google.com.
701
This record, which is a CNAME record for "google.example.com", points
702
to "www.google.com". Some DNS servers will recursively look up
703
www.google.com, and render the above record like this:
706
google.example.com. CNAME www.google.com.
707
www.google.com. CNAME 66.102.7.104
712
For security reasons, MaraDNS doesn't do this. Instead, MaraDNS will simply
716
google.example.com. CNAME www.google.com.
719
Some stub resolvers will be unable to resolve google.example.com as
723
If you set up MaraDNS to resolve CNAMEs thusly, you will get a warning
724
in your logs about having a dangling CNAME record.
727
If you want to remove these warnings, add the following to your mararc file:
730
no_cname_warnings = 1
735
Information about how to get MaraDNS to resolve dangling CNAME
736
records is in the tutorial file <A
737
href="http://www.maradns.org/tutorial/dangling.html">dangling.html</A>