Thanks.
Actually the address ends up being the egress point of my firewall for all
smtp traffic. So Ironport, Exchange, SQLmail, whatever. If it is using
port 25 it is coming out that ip on my firewall.
I appreciate the lecture and education. The lecture wasn't painful and the
education was priceless.
----- Original Message -----
From: "Ben Scott" <[email protected]>
To: "NT System Admin Issues" <[email protected]>
Sent: Thursday, September 17, 2009 1:27 PM
Subject: Re: Is this a good SMTP transaction?
On Thu, Sep 17, 2009 at 1:15 PM, David W. McSpadden <[email protected]> wrote:
I need the following added then?
...
spf record v=spf1 ip4:206.18.123.221 include:fusemail.net
include:mailanyone.net ~all
If mail coming from the systems you operate (IronPort) will always
originate from IP address 206.18.123.221, that would be correct. If
you have other hosts that might be sending mail directly, add them,
too. (An Exchange server, for example. Maybe your IronPort goes
down, so you reconfigure Exchange to send direct.)
A record mail.imcu.com 206.18.123.221
ptr record 221.123.18.206-in-addr-arpa mail.imcu.com
That looks good. Now, SPF doesn't look at A and PTR records unless
you tell it to, so they're not directly relevant for the immediate
problem. However, it's considered a best practice to have A and PTR
records for mail systems, and some spam systems take that into
account, so it's a good idea to have them.
-- Ben
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
