alan | 12 Feb 23:22 2010

Re: More detail on subdomains

At 20:38 12/02/2010  Friday, James R. Marcus wrote:
>I'll set an SPF to tell the world not accept email from  <at> with
<>  IN TXT "v=spf1 -all" correct?
>The part that I'm not quite clear on is the part with the relay hosts. The relay hosts
<> and
<> don't have txt record but they are in the
<> TXT record.  To be extra safe should I add a txt record for each of the
relays like this: <>  IN TXT "v=spf1
ip4: -all" & <>  IN TXT "v=spf1
ip4: -all"?

now from looking at your actual spf records {as now i see the bit quoted was for not IN TXT v=spf1 mx ip4: ip4: ip4:
ip4: ip4: -all

i see you need to remove the mx or at least move it to after the ip4 records
{ALWAYS,ALWAYS order correctly ip4{fastest 0 extra lookups} then A{1 lookup} then only if necessary mx{4
in your case}}
if you know your ip's mx is never needed or useful {and in your case mx == ip4:
ip4: ip4:}

so i would rewrite your spf as follows given the available information IN TXT v=spf1 ip4: ip4: ip4:
ip4: ip4:  -all

(Continue reading)