问题
For example I have an array with this ips and want to create with my code an long spf record:
$array_ips = array();
$array_ips[] = "32.16.8.133";
$array_ips[] = "32.16.4.247";
$array_ips[] = "35.16.8.184";
$array_ips[] = "32.16.8.127";
$array_ips[] = "32.16.8.134";
$array_ips[] = "32.16.2.154";
$array_ips[] = "32.16.2.153";
$array_ips[] = "32.16.2.150";
$array_ips[] = "39.16.2.190";
$array_ips[] = "32.16.2.128";
$array_ips[] = "32.16.0.128";
$array_ips[] = "32.16.8.187";
$array_ips[] = "43.16.8.185";
$array_ips[] = "32.16.8.192";
$array_ips[] = "32.16.4.249";
$array_ips[] = "52.16.4.252";
$array_ips[] = "32.16.4.238";
$array_ips[] = "32.16.4.232";
$ips = implode(' ip4:', $array_ips);
echo "v=spf1 +a +mx".$ips." -all";
The spf record would be:
v=spf1 +a +mx ip4:32.16.8.133 ip4:32.16.4.247 ip4:32.16.8.184 ip4:32.16.8.127 ip4:32.16.8.134 ip4:32.16.2.154 ip4:32.16.2.153 ip4:32.16.2.150 ip4:32.16.2.190 ip4:32.16.2.128 ip4:32.16.0.128 ip4:32.16.8.187 ip4:32.16.8.185 ip4:32.16.8.192 ip4:32.16.4.249 ip4:32.16.4.252 ip4:32.16.4.238 ip4:32.16.4.232 -all
Characters: 307
The Problem is, that an SPF only can be max. 255 characters long. No possibility to add such a long string in plesk or cpanel in txt dns record. I have heared that if could be possible to do it like this "v=spf1 .... first" "spf second string...".
But does it realy work? How to do it by generating it in my example above?
回答1:
You could do something like the below if your happy to allow a /24 subnet for a couple of IP's. You could even subnet it correctly if you fancied. It's cut down your list drastically anyways.
<?php
$array_ips = array();
$array_ips[] = "32.16.8.133";
$array_ips[] = "32.16.4.247";
$array_ips[] = "35.16.8.184";
$array_ips[] = "32.16.8.127";
$array_ips[] = "32.16.8.134";
$array_ips[] = "32.16.2.154";
$array_ips[] = "32.16.2.153";
$array_ips[] = "32.16.2.150";
$array_ips[] = "39.16.2.190";
$array_ips[] = "32.16.2.128";
$array_ips[] = "32.16.0.128";
$array_ips[] = "32.16.8.187";
$array_ips[] = "43.16.8.185";
$array_ips[] = "32.16.8.192";
$array_ips[] = "32.16.4.249";
$array_ips[] = "52.16.4.252";
$array_ips[] = "32.16.4.238";
$array_ips[] = "32.16.4.232";
$subnetArr = [];
foreach ($array_ips as $k=>$v ) {
$i = strrpos($v, '.');
$testSub = substr($v, 0, -(strlen($v) - $i));
if (in_array("ip4:" . $testSub . ".1/24", $subnetArr)) {
//Do something here or change condition
} else {
array_push($subnetArr,"ip4:" . $testSub . ".1/24");
}
}
$ips = implode(' ', $subnetArr);
echo "v=spf1 +a +mx ".$ips." -all";
Output
v=spf1 +a +mx ip4:32.16.8.1/24 ip4:32.16.4.1/24 ip4:35.16.8.1/24 ip4:32.16.2.1/24 ip4:39.16.2.1/24 ip4:32.16.0.1/24 ip4:43.16.8.1/24 ip4:52.16.4.1/24 -all
Edit:
Just changed so it actually echo's SPF!
回答2:
You can break it up into multiple include's..
"v=spf1 mx a include:iprange1.example.com include:iprange2.example.com -all"
Then under each include DNS you'll have
iprange1.example.com = "v=spf1 ip4:32.16.8.133 ... -all"
iprange2.example.com = "v=spf1 ip4:32.16.4.238 ... -all"
This will gave you a lot more room because you'll be able to include 8 includes along with your mx and a
Then each include can hold 16 ip4 addresses that will get your around 128 IP addresses that your can't CIDR.
Edit - iprange1 --> iprange2 on line 2 of 2nd code snippet
回答3:
You'll need to do by sub-net. Use the standard IP4 sub-net notation:
"v=spf1 ip4:192.168.0.1/16 -all"
Allow any IP address between 192.168.0.1 and 192.168.255.255.
回答4:
I have found the solution:
echo "v=spf1 +a +mx ( "'.implode('" "',$array_ips).' " ) -all";
but the page i found it is not in enlish. (spaces are requierd and ())
http://www.nullpointer.at/keyword/spf/
Translated:
The TXT record is too long. Here, in this example, the TXT record was split into several lines. The syntax for this is: brace on (then in quotation marks "first part " next line in quotation marks "second part", etc., and finally parenthesis). Important: Do not forget the blanks within each section enclosed in quotation marks: "first part" "second part" is then composed to "first partsecond part".
来源:https://stackoverflow.com/questions/41028266/how-to-create-spf-record-for-many-ips-spf-longer-than-255-characters