Search Again: Re: spf support in QuickDNS? From: admin@gippy.net Date: Monday, August 16, 2004 Time: 9:46:48 pm Also if you use -all make sure to educate your hosting clients, if they are using their ISPs SMTP server for relaying mail, like Earthlink users or others may be doing if the ISP blocks port 25, and/or you don't provide an alternative port for them to direct outgoing mail to, then the SPF record below with -all would say that if mail came from mx.earthlink.net and says its from virtualdomain.com then it will come back with an SPF "fail". During the training and checking on your hosting clients and if they are using an outside SMTP mail server to ever relay mail that says its from their domain then you might want to setup ~all which will produce a softfail if it does not match the SPF records which is what we are doing until each of our hosting clients agrees they understand what we are doing, why, and what it means to them, and how to relay through us using an alternative port if they are with an ISP that blocks port 25. On Mon, 16 Aug 2004 23:39:16 -0500 <admin@gippy.net> wrote: >Be careful with this, if you run any type of form to mail script on a >web server, and you are using php mail, sendmail, etc. to process and >send the mail instead of directing it through your SMTP server (if >they are not one in the same, though we run a collection of stand >alone dedicated e-mail servers) then any mail generated from scripts >on clients web sites will not be coming from your MX record for the >virtual domains. > >It would probably be wise to include the IP address of the server >running the virtual hosting account, generally at least with >sendmail/php's mail function it would be the primary IP address >attached to the server, even in the case of a web site with its own >IP address configured in apache. > >On Mon, 16 Aug 2004 20:57:53 -0700 > Men & Mice Support <cbuxton@menandmice.com> wrote: >>I would guess that the following would also work for your virtual >>domains: >> >>virtual.com. TXT v=spf1 mx -all >>____________________________________________________________________ >>Chris Buxton Men & Mice >>Customer Support Specialist Making DNS Easy >> >>At 9:37 PM -0400 8/16/04, Codger wrote: >>>Well, the pobox.com docs just didn't address it. Here's how I dealt >>>with virtual domain spf records. They all simply point back to the >>>mail servers spf like so: >>> >>>virtual.com TXT v=spf1 redirect=realmail.net >>> >>>realmail.net TXT v=spf1 a mx ~all >>> >>>Curiously I had the 'ptr' paramater in the line and Chris Buxton told >>>me that was a security concern, so I took it out. >>> >>>On Aug 16, 2004, at 8:11 AM, Joe D'Andrea wrote: >>> >>>>At 8:14 PM -0500 3/26/04, codger wrote: >>>>>Hmmm. This is what I have. Why do you have two entries, Chris? Is >>>>>there something I'm missing here? Do I need to have TXT records for >>>>>all virtual domains? (I didn't think so from the docs on SPF that I >>>>>read from pobox.com some time back.) >>>> >>>>Where do you see in the docs that you wouldn't need TXT(SPF) records >>>>for all virtual domains? >>>> >>>>I would think that one would need them. In fact I just added TXT(SPF) >>>>records for the domain that my main mail server is in (west21.com). I >>>>tested it with e-mail addresses in the main domain name >>>>(joedan@west21.com) and the SPF tests "passed". Then I tested using >>>>addresses in client domains that originate from the same server and >>>>are sent through the same MX. They all were "Received-SPF: unknown >>>>(no rule found)" >>>> >>>>So we're adding SPF records to every domain we host DNS and/or mail >>>>for. >>>> >>>>~joe >>>> >>>> >>> >>>Kindest regards, >>> >>>Ron >>> >>>"What shall we do? What shall we do?" he cried, "Escaping goblins to >>>be caught by wolves!" - Bilbo Baggins >>> >>>The Hobbit by J. R. R. Tolkein >>>http://www.apple.com/trailers/newline/returnoftheking/trailer_large.html >> >> > >

Messages In This Thread: spf support in QuickDNS? by Paul Willis on Mar 26, 2004 at 4:03:17 pm Re: spf support in QuickDNS? by Len Conrad on Mar 26, 2004 at 4:08:08 pm Re: spf support in QuickDNS? by Paul Willis on Mar 26, 2004 at 4:20:10 pm Re: spf support in QuickDNS? by Men & Mice Support on Mar 26, 2004 at 4:23:02 pm Re: spf support in QuickDNS? by codger on Mar 26, 2004 at 5:15:12 pm Re: spf support in QuickDNS? by Men & Mice Support on Mar 26, 2004 at 5:33:48 pm Re: spf support in QuickDNS? by Joe D''Andrea on Aug 16, 2004 at 5:13:56 am Re: spf support in QuickDNS? by Men & Mice Support on Aug 16, 2004 at 9:54:00 am Re: spf support in QuickDNS? by Simon Wright on Aug 16, 2004 at 10:22:01 am Re: spf support in QuickDNS? by Joe D''Andrea on Aug 16, 2004 at 10:55:15 am Re: spf support in QuickDNS? by Simon Wright on Aug 16, 2004 at 11:31:58 am Re: spf support in QuickDNS? by John Dobbin on Aug 16, 2004 at 11:40:32 am Re: spf support in QuickDNS? by Men & Mice Support on Aug 16, 2004 at 5:21:19 pm Re: spf support in QuickDNS? by Codger on Aug 16, 2004 at 6:37:46 pm Re: spf support in QuickDNS? by Men & Mice Support on Aug 16, 2004 at 8:59:21 pm Re: spf support in QuickDNS? by admin@gippy.net on Aug 16, 2004 at 9:38:35 pm Re: spf support in QuickDNS? by admin@gippy.net on Aug 16, 2004 at 9:46:48 pm