A/AAAA IPv6 Record in SPF
TL;DR In v=spf1 a mx ~all
the a is for both A (IPv4) and AAAA (IPv6)
RFC 7208 says:
Designated sender mechanisms are used to identify a set of
addresses as being permitted or not permitted to use the
sending mail. The designated sender mechanisms are as follows:
a
mx
ptr (do not use)
ip4
ip6
exists
{snip}
When any mechanism fetches host addresses to compare with
address, “AAAA” records are fetched. SPF implementations on IPv6
servers need to handle both “AAAA” and “A” records, for clients on
IPv4-mapped IPv6 addresses [RFC4291].
2 thoughts on “A/AAAA IPv6 Record in SPF”
I can not find what you are saying on the OpenSPF source URL you have specified. Actually, it states:
“All the A records for domain are tested. If the client IP is found among them, this mechanism matched”
It explicitly says A, not AAAA.
Thanks Tozz,
I cannot find it again either *shrug*
https://tools.ietf.org/html/rfc7208 does however state:
Designated sender mechanisms are used to identify a set of for
addresses as being permitted or not permitted to use the
sending mail. The designated sender mechanisms are as follows:
a
mx
ptr (do not use)
ip4
ip6
exists
…
When any mechanism fetches host addresses to compare with, when
is an IPv4, “A” records are fetched; when is an IPv6
address, “AAAA” records are fetched. SPF implementations on IPv6
servers need to handle both “AAAA” and “A” records, for clients on
IPv4-mapped IPv6 addresses [RFC4291].
Thanks for your comment I’ll update this page.