Tiny SPF logo, depicts checking of envelope from
FAQDownloadsSitemapContact Us
How it WorksNews What it Does ServicesForums 

7.1 Macro definitions

   Certain directives perform macro interpolation on their arguments.

     macro-string = *( macro-char / VCHAR )
     macro-char   = ( "%{" ALPHA transformer *delimiter "}" )
                    / "%%" / "%_" / "%-"
     transformer  = [ *DIGIT ] [ "r" ]
     delimiter    = "." / "-" / "+" / "," / "/" / "_" / "="

   A literal "%" is expressed by "%%".
   %_ expands to a single " " space.
   %- expands to a URL-encoded space, viz. "%20".

   The following macro letters are expanded in directive arguments:

      l = local-part of responsible-sender
      s = responsible-sender
      o = responsible-domain
      d = current-domain
      i = SMTP client IP (nibble format when an IPv6 address)
      p = SMTP client domain name
      v = client IP version string: "in-addr" for ipv4 or "ip6" for ipv6
      h = HELO/EHLO domain
      r = receiving domain

   The following macro letters are expanded only in "exp" text:

      c = SMTP client IP (easily readable format)
      t = current timestamp in UTC epoch seconds notation

   The uppercase versions of all these macros are URL-encoded.

   A '%' character not followed by a '{', '%', '-', or '_' character
   MUST be interpreted as a literal.  SPF publishers SHOULD NOT rely on
   this feature; they MUST escape % literals.  For example, an
   explanation TXT record
      Your spam volume has increased by 581%
   is incorrect.  Instead, say
      Your spam volume has increased by 581%%

   Legal optional transformers are:

        *DIGIT ; zero or more digits
        'r'    ; reverse value, splitting on dots by default

   If transformers or delimiters are provided, the macro strings are
   split into parts.  After performing any reversal operation or
   removal of left-hand parts, the parts are rejoined using "." and not
   the original splitting characters.
   
   By default, strings are split on "." (dots).  Macros may specify
   delimiter characters which are used instead of ".".  Delimiters
   MUST be one or more of the characters:
      "." / "-" / "+" / "," / "/" / "_" / "="

   The 'r' transformer indicates a reversal operation: if the client IP
   address were 192.0.2.1, the macro %{i} would expand to "192.0.2.1"
   and the macro %{ir} would expand to "1.2.0.192".

   The DIGIT transformer indicates the number of right-hand parts to
   use after optional reversal.  If a DIGIT is specified, it MUST be
   nonzero.  If no DIGITs are specified, or if the value specifies more
   parts than are available, all the available parts are used.  If the
   DIGIT was 5, and only 3 parts were available, the macro interpreter
   would pretend the DIGIT was 3.  Implementations MAY limit the
   number, but MUST support at least a value of 9.

   For the "l" and "s" macros: when the local-part is not defined, the
   string "postmaster" is substituted.  The local-part might be
   undefined if the  is drawn from the HELO command
   rather than the MAIL FROM.

   For IPv4 addresses, both the "i" and "c" macros expand to the
   standard dotted-quad format.

   For IPv6 addresses, the "i" macro expands to dot-format address; it
   is intended for use in %{ir}.  The "c" macro may expand to any of
   the hexadecimal colon-format addresses specified in RFC3513 section
   2.2.  It is intended for humans to read.

   Use of the "t" macro in DNS lookups would greatly reduce the
   effectiveness of DNS caching.  The "t" macro is only allowed in
   explanation records.  The value of the "t" macro SHOULD NOT change
   during the evaluation of a given SPF record.



   The "p" macro expands to the validated domain name of the SMTP
   client.  The validation procedure is described in section 4.6.  If
   there are no validated domain names, the word "unknown" is
   substituted.  If multiple validated domain names exist, the first one
   returned in the PTR result is chosen.

   The "r" macro expands to the name of the receiving MTA.  This SHOULD
   be a fully qualified domain name, but if one does not exist (as when
   the checking is done by a script) or if policy restrictions dictate
   otherwise, the word "unknown" SHOULD be substituted.  The domain
   name MAY be different than the name found in the MX record that the
   client MTA used to locate the receiving MTA.

   The "s" macro expands to the sender email address: a localpart, an @
   sign, and a domain.  The "o" macro is the domain part of the "s".
   They remain the same during a recursive "include" or "redirect"
   subquery.

   When the result of macro expansion is used in a domain name query, if
   the expanded domain name exceeds 255 characters (the maximum length
   of a domain name), the left side is truncated to fit, by removing
   successive subdomains until the total length falls below 255
   characters.

   Uppercased macros are URL escaped.

   URL encoding is described in RFC2396.
Home Services Media Contributors Sitemap Contact Us
Copyright © 2004-2006, licensed under the GFDL.