Use of backslashes in TXT records

[Nicolas Szalay]

Hello,

I have been struggling for a while with this one, and did not find any related GH issue :

When I want to insert a single backslash into a TXT record it appears to get crushed. Example as follows :

Current TXT record :

$ dig TXT +short _dmarc.XXXX.com
"v=DMARC1\; p=reject\; sp=reject\; pct=100\; rua=mailto:xx...@yyyy.com\; ruf=mailto:xx...@yyyy.com\; fo=1"

As defined (snipped) in my js config :

dmarc = [
  "v=DMARC1\\;",
  'p=reject\\;',
  'sp=reject\\;',
  'pct=100\\;',
  'rua=mailto:xx...@yyyy.com\\;',
  'ruf=mailto:xx...@yyyy.com\\;',
  'fo=1'
].join(' ');

TXT('_dmarc', dmarc, TTL(300)),

And the preview gives me :

#1: MODIFY TXT _dmarc.XXXX.com: ("v=DMARC1\; p=reject\; sp=reject\; pct=100\; rua=mailto:xx...@yyyy.com\; ruf=mailto:xx...@yyyy.com\; fo=1" ttl=300) -> ("v=DMARC1; p=reject; sp=reject; pct=100; rua=mailto:xx...@yyyy.com; ruf=mailto:xx...@yyyy.com; fo=1" ttl=300)

If I use 4 backslashes, instead of 2 in the code, I get 2 backslashes in the preview, as expected.

Any hint of what I would be missing here ?

Thanks

Nicolas

[Craig Peterson]

Hmm, very strange indeed. I have added a test to the javascript side of things to confirm that `\\` does get communicated to the backend with the correct escaping. So it must be somewhere downstream from there. What DNS providers are you using?

https://github.com/StackExchange/dnscontrol/blob/master/pkg/js/parse_tests/016-backslash.js

My first suspicion is that it is a problem round tripping it to some provider, but that doesn't quite fit in my mind yet. Still digging. 

[Craig Peterson]

I'm using your exact config with a cloudflare domain and I get exactly what I expect:

#6: CREATE record: _dmarc TXT 1 v=DMARC1\; p=reject\; sp=reject\; pct=100\; rua=mailto:xx...@yyyy.com\; ruf=mailto:xx...@yyyy.com\; fo=1

[Nicolas Szalay]

Hello Craig,

It is happening with the route53 provider. I don't have tested with another one.

Can I provide some help from my side ?

Thanks for looking in

Nico

[Tom Limoncelli]

Why is there a need for backslashes?

The philosophy we have is that humans are bad at adding escaping
characters. Therefore, dnscontrol does it for you.

At StackOverflow we use:

TXT('_dmarc',
'v=DMARC1;p=reject;sp=reject;pct=100;rua=mailto:dob...@stackex.com'),

dnscontrol does the right thing:

$ dig +short _dmarc.stackex.com txt
"v=DMARC1\;p=reject\;sp=reject\;pct=100\;rua=mailto:dob...@stackex.com"

Would that work for you?

Tom

> --
> You received this message because you are subscribed to the Google Groups "DNSControl-discuss" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to dnscontrol-disc...@googlegroups.com.
> To post to this group, send email to dnscontro...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/dnscontrol-discuss/a076e8f4-ed42-4318-b453-1ca247e3c2f1%40googlegroups.com.
>
> For more options, visit https://groups.google.com/d/optout.




--
Email: t...@whatexit.org Work: tlimo...@StackOverflow.com
Blog: http://EverythingSysadmin.com/

[Nicolas Szalay]

Hello,

Thanks for your comment, it was indeed the correct solution : we had overengineered this part when porting from our old setup to the one using dnscontrol

We are now all set :)

Many thanks

Nicolas

On Friday, September 15, 2017 at 7:53:50 PM UTC+2, Tom Limoncelli wrote:

Why is there a need for backslashes?

The philosophy we have is that humans are bad at adding escaping
characters. Therefore, dnscontrol does it for you.

At StackOverflow we use:

   TXT('_dmarc',

'v=DMARC1;p=reject;sp=reject;pct=100;rua=mailto:xxx@stackex.com'),

dnscontrol does the right thing:

$ dig +short _dmarc.stackex.com txt

"v=DMARC1\;p=reject\;sp=reject\;pct=100\;rua=mailto:x...@stackex.com"