Assistance with SPF Records for BIND
Jonathan Vomacka
juvix88 at gmail.com
Sat Feb 18 17:34:53 UTC 2012
If someone uses a mobile device to send e-mail? Would ~all be better? I
also generated the following SPF using a wizard. Let me know if this
looks correct:
teamwarfare.com. IN TXT "v=spf1 a mx a:mail.teamwarfare.com
a:mail2.teamwarfare.com ip4:66.90.73.80 ip4:216.250.250.148 ~all"
I wouldn't need an "include:" or "ptr" statement in this right? I would
told "include:" was to include OTHER domains that are allowed to send
e-mail, but then again I see some people writing the domain again as an
include. Also is PTR good to use or not?
Sten,
I read over the link but am still a bit confused.
On 2/18/2012 11:55 AM, Sten Carlsen wrote:
> Hi
>
> I suggest to use the wizards or look in the RFC:
> http://www.ietf.org/rfc/rfc4408.txt
>
>
>
> On 18/02/12 17:51, Jonathan Vomacka wrote:
>> BIND Community Support,
>>
>> I am inquiring about how to setup a proper SPF record? I know there
>> are SPF wizards/generators available but each seem to have a different
>> "opinion" of what should be included and what should not be included.
>>
>> Let me give you a scenario of my setup, and hopefully someone can help
>> me out.
>>
>> My domain is: test.com
>> My mailserver hostname is: mail.host.com which also has a MATCHING PTR
>> record
>> mail.host.com (for example) resolves to 50.1.1.1 and 50.1.1.1 resolves
>> to mail.host.com
>>
>> This is a STANDALONE mail server without any VIP's or load balancing.
>> There is however one additional host that will send out mail from the
>> domain but it wont be receiving mail, it will only be used as an SMTP
>> server attached to a website automailer... It only generates error
>> reports and sends them out... so technically it isn't a full mail
>> server but it will be sending (outbound only) mail on behalf of the
>> domain.
>>
>> The additional host is: mail2.test.com which resolves to 50.2.2.2 and
>> there is a Matching PTR.
>>
>> These are the ONLY mail servers and IP addresses that will be sending
>> out mail from the test.com domain. Some websites say I should use -all
>> and others say -all will cause some MTA's to reject and ~all is better
>> to use even if those are the only two hosts sending out mail.
>>
>> Would you be able to assist with a solid SPF record?
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>
> --
> Best regards
>
> Sten Carlsen
>
> No improvements come from shouting:
> "MALE BOVINE MANURE!!!"
>
More information about the bind-users
mailing list