SPF/TXT records
Michael Milligan
milli at acmeps.com
Thu Jun 18 07:35:30 UTC 2009
This is a bit OT, but...
You specify in an SPF (TXT) record your outbound MTAs, the ones that
everybody outside of your organization will see your mail sourced from.
If it goes through a third-party outsourced provider, you put the
provider's MTAs in your record (best via an include:). If your
marketing people use a third-party spammer^H^H^H^H^H^H^H provider for
sending e-mail blasts, you also put those MTAs in your record (again,
best via an include:). Leave your internal relays out of the record,
nobody outside sees them or cares about them. (This is a specific
short-coming of SPF, it doesn't really work with forwarding and
relaying.) If you can't work around your forwarding / relaying issues,
think about using DKIM to sign your messages. DKIM doesn't care how
mail gets delivered as it's not tied to MTA IP addresses like SPF is and
is thus forwarding and relaying insensitive.
See openspf.org and dkim.org for more details.
Regards,
Mike
--
Michael Milligan -> milli at acmeps.com
More information about the bind-users
mailing list