A/AAAA IPv6 Record in SPF

A/AAAA IPv6 Record in SPF

TL;DR In v=spf1 a mx ~all the a is for both A (IPv4) and AAAA (IPv6)

RFC 7208 says:

Designated sender mechanisms are used to identify a set of
addresses as being permitted or not permitted to use the for
sending mail. The designated sender mechanisms are as follows:

a
mx
ptr (do not use)
ip4
ip6
exists

{snip}

When any mechanism fetches host addresses to compare with , when
is an IPv4, “A” records are fetched; when is an IPv6
address, “AAAA” records are fetched. SPF implementations on IPv6
servers need to handle both “AAAA” and “A” records, for clients on
IPv4-mapped IPv6 addresses [RFC4291].

Source: https://tools.ietf.org/html/rfc7208

2 thoughts on “A/AAAA IPv6 Record in SPF

  1. I can not find what you are saying on the OpenSPF source URL you have specified. Actually, it states:

    “All the A records for domain are tested. If the client IP is found among them, this mechanism matched”

    It explicitly says A, not AAAA.

    1. Thanks Tozz,

      I cannot find it again either *shrug*
      https://tools.ietf.org/html/rfc7208 does however state:

      Designated sender mechanisms are used to identify a set of
      addresses as being permitted or not permitted to use the for
      sending mail. The designated sender mechanisms are as follows:

      a
      mx
      ptr (do not use)
      ip4
      ip6
      exists

      When any mechanism fetches host addresses to compare with , when
      is an IPv4, “A” records are fetched; when is an IPv6
      address, “AAAA” records are fetched. SPF implementations on IPv6
      servers need to handle both “AAAA” and “A” records, for clients on
      IPv4-mapped IPv6 addresses [RFC4291].

      Thanks for your comment I’ll update this page.

Leave a Reply

Your email address will not be published. Required fields are marked *