SPF: Difference between v=spf1 include:_spf.google.com ~all and v=spf1 include:spf.google.com ~all

spf

Solution 1:

spf.google.com doesn't exist, while _spf.google.com contains a valid SPF record.

In other words: only the first line will actually work (as of now).

If you search DNS for _spf.google.com you get the following result:

_spf.google.com IN TXT v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ~all

Google is using the _underscore addresses to hold particular DNS records. There is no particular significance to the character choice; it's just their naming convention.

Related

ESXi network setup for isolated internal virtual machines
How many iptables block rules is too many
Couldn't execute 'show events' on mysqldump
kinit & pam_sss: Cannot find KDC for requested realm while getting initial credentials
Limit ssh to local network, except for the git user
How to remove all messages from exim mail queue from a certain user/email
Serial Over LAN on FreeBSD 10.0 with SuperMicro X9-SCM-F
Windows Server - "Not enough storage available error"
Can not truncate / clear error.log on apache, but can do it manually with nano
Where does a firewall application fit into the software stack?
tail all log files in a directory | exclude zipped files
How can I suppress Postfix anvil statistics from system logs?