regarding adoption… it would be interesting to take a second snapshot from each of these servers in about six months to see if the trend has changed (modulo PAFs observations that not all TXT == SPF). In the mean time, declare a suspension of last call to gauge if the presumption of failure of the SPF RR merits this drastic action. /bill On 21August2013Wednesday, at 3:26, Eliot Lear wrote: > Patrik, > > First, I appreciate that you and Dave are bringing data to the table. However, in this case, it is not in dispute that queries are happening. What *is* in dispute is whether there are answers. I must admit I am having a difficult time understanding the logic, even so. The *hard* part about this was supposed to be implementation of the record in the application software. Can the shepherd answer this question: > • To what extent has that happened? > The easy part was supposed to be people actually using the SPF record, once it was out there. And so your data doesn't indicate what sort of answers you're getting. > And another thing. Randy, is it your position that WGs shouldn't create new TXT records due to transition issues? > Eliot > > On 8/21/13 12:15 PM, Patrik Fältström wrote: >> On 21 aug 2013, at 09:17, David Conrad <drc@xxxxxxxxxxxxxxx> >> wrote: >> >> >>> On Aug 20, 2013, at 9:00 PM, Andrew Sullivan <ajs@xxxxxxxxxxxxxxxxxx> >>> wrote: >>> >>>> The WG had a hard time coming up with really good data about what validators look for, ... If someone else with some busy nameservers wants to provide different evidence now, it wouldn't hurt. >>>> >>> Out of morbid curiosity, I just looked at the logs from my name server (which has both TXT and SPF RRs but which is very, very far from being busy) with a quick perl hack: >>> >> : >> : >> : >> >>> totals: spf: 1389, txt: 19435, 7.146900% >>> >>> (the numbers are queries since the name server last restarted/dumped stats) >>> >>> Will look for better data than my measly little name server. >>> >> I have been looking at the queries to one of the nameservers that Frobbit runs (which is authoritative for quite a number of zones, although not GoDaddy), and a tcpdump for a while today gives the following data: >> >> $ /usr/sbin/tcpdump -nr dns.pcap | grep 'SPF?' | wc -l >> reading from file dns.pcap, link-type EN10MB (Ethernet) >> tcpdump: pcap_loop: truncated dump file; tried to read 271 captured bytes, only got 95 >> 1105 >> $ /usr/sbin/tcpdump -nr dns.pcap | grep 'TXT?' | wc -l >> reading from file dns.pcap, link-type EN10MB (Ethernet) >> tcpdump: pcap_loop: truncated dump file; tried to read 94 captured bytes, only got 18 >> 2819 >> >> I.e. 2819 queries for TXT while there was 1105 for SPF resource record. >> >> Now, I have no idea whether all of those queries for TXT was only for the SPF usage of TXT of course, but this gives it was at least 28% of (TXT+SPF)-queries that was for SPF. >> >> Deprecating something that is in use that much just does not make any sense. >> >> Patrik >> >> >