The SPF record for domain replace the current record. The
macro-expanded domain is also substituted for the current-domain in
In the following example, the client IP is 126.96.36.199 and the
current-domain is example.com.
If example.com has no SPF record, that is an error; the result is
unknown. Suppose example.com’s SPF record was “v=spf1 a -all”. Look up
the A record for example.com. If it matches 188.8.131.52, return Pass. If
there is no match, the exec fails to match, and the -all value is
The domain and current-domain meaning is not very clear here.
What happens, if example1.com spf was queried,
example1.com IN MX 0 mx.example1.com. example1.com IN TXT "v=spf1 redirect=example2.com" mx.example1.com IN A 184.108.40.206 example2.com IN MX 0 mx.example2.com. example2.com IN TXT "v=spf1 mx -all" mx.example2.com IN A 220.127.116.11
Should the spf result be 18.104.22.168 OR 22.214.171.124?
redirect to a domain, the redirected domain becomes the target for all subsequent DNS lookups, such as those performed by
See RFC 7208 § 6.1:
The <domain-spec> portion of the redirect section is expanded as per the macro rules in Section 7. Then check_host() is evaluated with the resulting string as the <domain>. The <ip> and <sender> arguments remain the same as in the current evaluation of check_host().
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.