20 Apr 15:44
Thank you for being part of spf-help
spf-help <spf-help-owner <at> listbox.com>
2011-04-20 13:44:48 GMT
2011-04-20 13:44:48 GMT
|
8 Mar 21:58
multiple domains
brian <brian <at> zijn-digital.com>
2011-03-08 20:58:37 GMT
2011-03-08 20:58:37 GMT
I have several domains hosted on a single server. That machine's hostname is domain1.com, same as that used for Postfix. The outgoing server used for all email accounts is mail.domain1.com. I'm having a lot of trouble understanding how to create SPF records for all of the domains on this server. Specifically, the instructions for the tool at openspf.org are making my head spin. I think that this is what I need: domain1.com: v=spf1 a:mail.domain1.com -all domain2.com: v=spf1 a:domain2.com include:mail.domain1.com -all etc. Is this correct? I'm unsure whether I need an SPF record for each domain, or a single one for domain1.com that includes the others.
4 Mar 22:12
Help with SPF for multiple domains please
Jackie Choquette <jac <at> whistlerwebandprint.com>
2011-03-04 21:12:01 GMT
2011-03-04 21:12:01 GMT
I am trying to help a client of my set up an SPF record for his domain. He has the need to authenticate mail from three locations 1. his domain whistlerreservations.com which is set up with google apps mail 2. Via a third party booking engine that sends mail from the domain rezserve.com 3. Via campaign monitor (cmail1.com) which is an email distribution system. I have set up the following v=spf1 a mx include:rezserve.com include:cmail1.com include:_spf.google.com ~all but am getting the following error when validating with the http://www.kitterman.com/spf/validate.html SPF Records Testing Tools Results - PermError SPF Permanent Error: No valid SPF record for included domain: rezserve.com: include:rezserve.com Does Rezserve.com have to do something on there end? If so what do they need to do? Also do I need to specify a mx in my spf if I already have include:_spf.google.com in there? I hacked this together from various sources 1) google apps help - google.com/support/a/bin/answer.py?answer=178723]SPF records - Google Apps Help[/url] which says to set the following v=spf1 include:_spf.google.com ~all 2) Campaingmonitor help -help.campaignmonitor.com/topic.aspx?t=88 Which says to set - v=spf1 mx include:cmail1.com ~all Below is the mail header from one of the messages sent from resserve.com Delivered-To: jac <at> whistlerwebandprint.com Received: by 10.231.30.196 with SMTP id v4cs105047ibc; Mon, 28 Feb 2011 13:54:38 -0800 (PST) Received: by 10.227.156.207 with SMTP id y15mr5389341wbw.38.1298930077969; Mon, 28 Feb 2011 13:54:37 -0800 (PST) Return-Path: <reservations <at> whistlerreservations.com> Received: from rezserve.com ([204.14.93.102]) by mx.google.com with ESMTPS id p44si7256090wej.197.2011.02.28.13.54.36 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 28 Feb 2011 13:54:36 -0800 (PST) Received-SPF: neutral (google.com: 204.14.93.102 is neither permitted nor denied by best guess record for domain of reservations <at> whistlerreservations.com) client-ip=204.14.93.102; Authentication-Results: mx.google.com; spf=neutral (google.com: 204.14.93.102 is neither permitted nor denied by best guess record for domain of reservations <at> whistlerreservations.com) smtp.mail=reservations <at> whistlerreservations.com Received: from rezserve.com (localhost.localdomain [127.0.0.1]) by rezserve.com (8.13.1/8.13.1) with ESMTP id p1SLsT8X032018 for <jac <at> whistlerwebandprint.com>; Mon, 28 Feb 2011 16:54:29 -0500 Received: (from apache <at> localhost) by rezserve.com (8.13.1/8.13.1/Submit) id p1SLsTll032016; Mon, 28 Feb 2011 16:54:29 -0500 Date: Mon, 28 Feb 2011 16:54:29 -0500
2 Mar 21:04
Re: do you see something i don't
Carlos R. Pasqualini <pasqualinic <at> fcal.uner.edu.ar>
2011-03-02 20:04:14 GMT
2011-03-02 20:04:14 GMT
El mi�, 02-03-2011 a las 14:59 -0500, Andrew Culver escribi�: > The DNS records you gave below aren't the same as what I see. > > Trying "listas.fcal.uner.edu.ar" > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28806 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 3, ADDITIONAL: 1 > > ;; QUESTION SECTION: > ;listas.fcal.uner.edu.ar. IN ANY > > ;; ANSWER SECTION: > listas.fcal.uner.edu.ar. 4350 IN A 190.228.25.197 > listas.fcal.uner.edu.ar. 4340 IN MX 10 listas.fcal.uner.edu.ar. > listas.fcal.uner.edu.ar. 4334 IN TXT "v=spf1 mx -all" > > ;; AUTHORITY SECTION: > fcal.uner.edu.ar. 4341 IN NS ns1.uner.edu.ar. > fcal.uner.edu.ar. 4341 IN NS ns1.fcal.uner.edu.ar. > fcal.uner.edu.ar. 4341 IN NS ns2.fcal.uner.edu.ar. > > ;; ADDITIONAL SECTION: > ns2.fcal.uner.edu.ar. 4341 IN A 170.210.29.130 > > Received 170 bytes from 129.100.2.12#53 in 1 ms > > > Andrew > that's because you are not inside the RIU network, that is our commercial link and the visible address to commercial Internet it isn't an error, it's the supposed answer regards. -- -- Carlos R. Pasqualini <pasqualinic <at> fcal.uner.edu.ar> Adm. de Redes - Facultad de Ciencias de la Alimentaci�n - UNER
25 Feb 19:30
Re: Where is the difference?
Benny Pedersen <me <at> junc.org>
2011-02-25 18:30:06 GMT
2011-02-25 18:30:06 GMT
On Fri, 25 Feb 2011 19:04:55 +0100, Marc Oliv� <marc <at> elnucli.com> wrote: > The (HARD)FAIL) message header: http://old.openspf.org/wizard.html?mydomain=aerobicyfitness.espainucli.com&submit=Go! aerobicyfitness.espainucli.com's IP address is 212.36.77.75 (xen-ad0059.srv.cat). Does that server send mail from aerobicyfitness.espainucli.com? add ip4:212.36.77.75 to the above spf record
13 Feb 00:11
Contact information to the webmaster for openspf.org
Anders Boholdt-Petersen <english_correspondences <at> boholdt-petersen.dk>
2011-02-12 23:11:22 GMT
2011-02-12 23:11:22 GMT
Hi everyone, I have tried to contact the webmaster for the web page "openspf.org", because the web page has a error, but the mail address I write to ( spf-webmasters <at> v2.listbox.com ) does not work. Have any person a directly mail address to the webmaster? I can not write via the form on the openspf.org-web page, because the form also have a error. Thanks for the answer. Regards, Anders
10 Feb 02:46
my email
Ball (LIMAR <Ball <at> limaroiltools.com>
2011-02-10 01:46:39 GMT
2011-02-10 01:46:39 GMT
Dear Sir
This is my email.
Regards,
(Ball) Kanasin Seehatri
IT Supervisor
-----------------------------------------------------------------
Limar Oiltools Co., Ltd.
H/P : +66 (0) 23825281
Email : ball <at> limaroiltools.com
Web : www.limaroiltools.com
-----------------------------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
| Archives | Modify Your Subscription | Unsubscribe Now |
3 Feb 16:02
Would the following SPF be the best?
Timothy DeHan <timothy <at> tdehan.com>
2011-02-03 15:02:28 GMT
2011-02-03 15:02:28 GMT
I host email for my families different domains. I am confused on how best to create SPF records for each of their domains. Each of the different domains point to the same IP address of the server. The email server is located in my house and Comcast Business is my ISP. I have a PTR record created with Comcast. My family is located all over the country with multiple different ISPs. There are MX records setup in DNS for each of their domains.
Would the following SPF be the best? v=spf1 ip4:70.89.155.193 a mx ~all
Or something like this? v=spf1 a mx ptr mx:mail.whateverdomain.com ~all
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
| Archives | Modify Your Subscription | Unsubscribe Now |
3 Feb 11:57
Using subdomain for mailout
Rob Smith <rob_s_smith <at> hotmail.com>
2011-02-03 10:57:14 GMT
2011-02-03 10:57:14 GMT
Hi
Ive got a client who has part of his company who want to
send out email newsletters. Theyve been asked to set up an SPF record to allow a
third party mailing company to send the mail on their behalf. At present their
domain has no SPF records. I asked our clients if they could give me a list of
every mail server that sends mail for their domain, as if I put only the third
party mailing companys server in the SPF, other mail from the companys other
servers might get bounced. After two weeks they still couldnt provide a
definitive list of servers, as the company seems to use lots of third party
servers to send mailouts for their different products.
One solution thats been suggested is to create a
subdomain for the third party mailing company, then stick with having no SPF
record for the main domain - ie
company.co.uk
No SPF record
mailouts.company.co.uk
IN TXT "v=spf1 a:3rdparty.mailer.server.com
~all"
It looks like this might work, though it looks a bit
complicated. Im wondering if anyone has any thoughts on this setup, and any
drawbacks they might know of.
Thanks in advance
Rob Smith
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
| Archives | Modify Your Subscription | Unsubscribe Now |
2 Feb 14:32
best practices for txt records with more than 255 characters
Yann GMAIL <tacticman <at> gmail.com>
2011-02-02 13:32:47 GMT
2011-02-02 13:32:47 GMT
Hi all,
I want to know what is the best way to configure my spf with multiple ip addresses with no PTR records and managed by differents administrators.
My problem today is about two limits : 255 characters for one TXT record and 10 DNS lookup
today, i have a email domain : mydomain.com
with a TXT and a redirect to _spf.mydomain.com
the TXT of _spfmydomain.com contains all the IP addresses of my trusted senders.
thank you
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
| Archives | Modify Your Subscription | Unsubscribe Now |
28 Jan 16:22
v=spf1 mx ~all SoftFail
J4K <junk4 <at> klunky.co.uk>
2011-01-28 15:22:06 GMT
2011-01-28 15:22:06 GMT
Dear everyone,
I recently started to host my own Email server for my domain. I noticed that the registar for my domain name added an SPF of:
v=spf1 mx ~all
What concerns me is the tilde character ~. I understood this to softfail.
Since the MX records for this domain are correct, and there should be no other servers sending on its behalf, then ought to record be:
v=spf1 mx +all
Would the +all mean that only the servers listed in the MX records can send?
Any help would be greatly appreciated.
Best regards, Simon.
-----------------------
Deatils from dig below
# dig -t txt klunky.co.uk
; <<>> DiG 9.7.2-P3 <<>> -t txt klunky.co.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50965
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;klunky.co.uk. IN TXT
;; ANSWER SECTION:
klunky.co.uk. 3600 IN TXT "v=spf1 mx ~all"
;; Query time: 0 msec
;; SERVER: 62.58.61.186#53(62.58.61.186)
;; WHEN: Fri Jan 28 16:12:09 2011
;; MSG SIZE rcvd: 57
I recently started to host my own Email server for my domain. I noticed that the registar for my domain name added an SPF of:
v=spf1 mx ~all
What concerns me is the tilde character ~. I understood this to softfail.
| SoftFail | The SPF record has designated the host as NOT being allowed to send but is in transition | accept but mark |
Since the MX records for this domain are correct, and there should be no other servers sending on its behalf, then ought to record be:
v=spf1 mx +all
Would the +all mean that only the servers listed in the MX records can send?
Any help would be greatly appreciated.
Best regards, Simon.
-----------------------
Deatils from dig below
# dig -t txt klunky.co.uk
; <<>> DiG 9.7.2-P3 <<>> -t txt klunky.co.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50965
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;klunky.co.uk. IN TXT
;; ANSWER SECTION:
klunky.co.uk. 3600 IN TXT "v=spf1 mx ~all"
;; Query time: 0 msec
;; SERVER: 62.58.61.186#53(62.58.61.186)
;; WHEN: Fri Jan 28 16:12:09 2011
;; MSG SIZE rcvd: 57
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
| Archives | Modify Your Subscription | Unsubscribe Now |
RSS Feed