9
Oct 15

PTR mechanisms in SPF records

If PTR mechanisms are detected, the current diagnostic output is:

Warning: PTR mechanisms SHOULD NOT be used and cannot be resolved using this diagnostic tool.  More info at <this page!>.

What does the PTR mechanism mean? When an email receiver gets a piece of email and the PTR mechanism is in the sender's SPF record, the receiver will look at the incoming IP address and do a "PTR" lookup. For example, if the sender is sending email from IP address 1.2.3.4, the receiver will perform a PTR lookup of 1.2.3.4 to attempt to retrieve a hostname. Finally, if a hostname is discovered for IP address 1.2.3.4, that hostname's domain is compared to the domain that was originally used to look up the SPF record.

Three important things about the above:

  1. The PTR mechanism has been deprecated.  See the relevant RFC for more info.
  2. The SPF Surveyor cannot resolve PTR mechanisms because a real connection from a real sender is necessary to complete the lookup.
  3. MOST IMPORTANTLY: Some large receivers will skip the mechanism – or worse they'll skip the entire SPF record – because such mechanisms cannot be easily cached.  Imagine a large receiver doing a PTR lookup for millions of different connections... the size of the local cache explodes.
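To audit your own records for this before a receiver trips over it, the check below flags every term that forces a PTR lookup. It is an added example, not the SPF Surveyor's code; the function names and sample records are hypothetical. It goes slightly beyond the text above by also flagging the `%{p}` macro, which requires the same PTR lookup of the connecting IP.

```python
import re

# An SPF term that is a ptr mechanism: optional qualifier, "ptr",
# optional ":domain-spec". Mechanism names are case-insensitive.
PTR_TERM = re.compile(r"^[+\-~?]?ptr(?::(?P<domain>\S+))?$", re.IGNORECASE)
# The "p" macro (validated name of the client IP) also forces a PTR lookup.
P_MACRO = re.compile(r"%\{p[0-9]*r?[.\-+,/_=]*\}", re.IGNORECASE)

WARNING = ("Warning: PTR mechanisms SHOULD NOT be used and cannot be "
           "resolved using this diagnostic tool.")


def find_ptr_usage(record):
    """Return (term, reason) for every term that needs a PTR lookup."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record (missing v=spf1)")
    findings = []
    for term in terms[1:]:
        m = PTR_TERM.match(term)
        if m:
            target = m.group("domain") or "<domain of the SPF record>"
            findings.append((term, "ptr mechanism, compared against " + target))
        elif P_MACRO.search(term):
            findings.append((term, "%{p} macro requires a PTR lookup"))
    return findings


def diagnose(record):
    """Return the warning lines a diagnostic tool could print for a record."""
    findings = find_ptr_usage(record)
    if not findings:
        return []
    return [WARNING] + ["  " + term + ": " + why for term, why in findings]


# Constructed sample records; example.com and example.net are placeholders.
SAMPLES = [
    "v=spf1 mx ptr -all",
    "v=spf1 ip4:192.0.2.0/24 ~ptr:example.net include:ptr.example.com -all",
    "v=spf1 exists:%{p}._spf.example.com -all",
    "v=spf1 a mx include:_spf.example.com -all",
]

if __name__ == "__main__":
    for rec in SAMPLES:
        print(rec)
        print("\n".join(diagnose(rec)) or "  no PTR lookups required")
```

Note that `include:ptr.example.com` in the second sample is not flagged: only a term whose mechanism name is `ptr` counts, not a domain that happens to contain the string.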

 
