I need help understanding the correct SPF text record for a customer domain . I have read the archives, been to the pobox site and read and still not absolutely certain. We allow some customers to SMTP relay from their dedicated IP and also from their e-mail Contact Form via their web site - we also host on a separate server and within the same network Workgroup. Our Workgroup of servers communicate to each other via private IP addresses. Thanks in advance to anyone who has the time. -Don
Our set-up is IMail (8.12) and Declude (1.79). Customer domain is configured as a virtual host on the IMail server. a) Sample customer dedicated IP is (64.x.x.123) and allowed to SMTP relay from their office via IMail. b) Sample IMail server Public Host IP is (imail.hosting.com 209.x.x.567) c) Sample Web server Private IP is (webA 192.x.x.10) where their Contact Form e-mail orginates. *Note the pobox wixard finds 2 MX records for this sample customers domain, the first being as on IMail their MX (mail.customerdomain.com) and the second being our colo router (vacant.colodomain.com). The POBOX Wizard Questions and My Question below... ---------------------------------- 1) Let's set up SPF records for mail.customerdomain.com. mail.customerdomain.com's IP address is 209.x.x.567. Does that server send mail from mail.customerdomain.com? yes no My Question: Do I answer yes or no? The domain is configured as (customerdomain.com) and alias of (mail.customerdomain.com) as a virtual host in Imail. They send email from their office dedicated IP of (64.x.x.123) and via WebMail for the IMail server public and virtual domain IP (209.x.x.567), and also originating from the Web server IP (webA 192.x.x.10) to the Imail server. ---------------------------------- 2) This wizard found 2 names for mail.customerdomain.com's MX servers. MX servers receive mail for mail.customerdomain.com. Do they also send mail from mail.customerdomain.com? yes no My Question: Do I answer yes or no? In addition to the above info for the first question, our DNS only has one primary MX record entered for the (customerdomain.com) (209.x.x.567), but apparently it is also picking up our colo router name too (vacant.colodomain.com) with the same IP number (209.x.x.567). ---------------------------------- 3) Do you want to just approve any host whose name ends in mail.customerdomain.com? yes no My Question: Do I answer yes or no? I feel I should answer No, again not sure and concerned with this question as mail typically identified from this domain as customerdomain.com and not mail.customerdomain.com which is the alias configured in Imail. ---------------------------------- 4) Do any other servers send mail from mail.customerdomain.com? My Questions: Here they provide 3 fields to list other servers with regular hostnames, MX servers, and IP addresses. A) For the Host names field, do I also list the Web server private Web server name (web)? This is where some e-mail is originating from the customers Web site contact form. Do I also list our IMail server hostname (imail.hosting.com) since the mail.customerdomain.com is virtual? Do I enter the colo router hostname too (vacant.colodomain.com) being identified by the wizard with our IMail host IP? B) For the MX servers field, I am assuming to enter only the customer MX (mail.customerdomain.com) or should I also enter the IMail server primary hostname (imail.hosting.com)? C) For the IP addresses field, do I enter the IP's for the IMail server which is the same for the customers virtual domain? Should I also enter the Web server private IP (192.x.x.10) to cover their contact form on the Web server? ---------------------------------- 5) Could mail from mail.customerdomain.com originate through servers belonging to some other domain? If you send mail through your ISP's servers, name the ISP here. My Question: This is not the case for this customer who only sends from a dedicated IP at their office. Wondering however what you would enter if we also allowed SMTP auth and they had several employees in the field with different IPS connects? ---------------------------------- 6) Do the above lines describe all the hosts that send mail from mail.customerdomain.com? yes no My Questions: For this customer I would assume answering yes, but hate to assume. Would answering yes be the correct answer? I see the ~all if you answer no, and the -all if you answer yes and read about Scott's suggestion of ?all being more appropriate in cases where there is no way to tell the originating SMTP IP address. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
