Am 02.01.2017 um 14:18 schrieb Sebastian Nielsen: > OFC you must specify both unless you have completely disabled sending of > outgoing mail via IPv6.
I think, that's wrong One may publish records like "v=spf1 a -all" for a host mail.example.org mail.example.org. A 192.0.2.25 mail.example.org. AAAA 2001:db8::6:25 mail.example.org. TXT "v=spf1 a -all" This require two or three dns lookups. (1x TXT, 1x A and 1x AAAA depending on the spf implementation) To save lookups and make the authentication more robust it's also possible to specify the addresses explicit: mail.example.org. A 192.0.2.25 mail.example.org. AAAA 2001:db8::6:25 mail.example.org. TXT "v=spf1 ip4:192.0.2.25 ip6:2001:db8::6:25 -all" this way one minimize the need for a receiver to do "many" lookups. You give the receiver all information with the first answer and thus have a higher chance the spf authentication will succeed. (hope no typo above...) Andreas
