Hi there,

Am 05.09.2011 um 21:33 schrieb Bharath Chari:

> On 09/05/2011 09:16 PM, Eric Shubert wrote:
>> On 09/04/2011 10:29 PM, Pak Ogah wrote:
>>> On 09/03/11 16:13, P.V.Anthony wrote:
>>>> ...
>>>> 
>>>> Often I hope gmail will get more strict and stop accepting emails for
>>>> not properly setup servers. This will would really make my life easier.
>>>> 
>>>> P.V.Anthony
>>>> 
>>> I agree with this. gmail can rcvd email from sender domain that use
>>> IP.Add.re.ss as MX record rather than MX hostname.
>>> While other email-related applications, like Exim and ASSP can't as they
>>> obeying the RFC
>>> 
>>> - From: http://en.wikipedia.org/wiki/MX_record
>>> The characteristic payload information of an MX record is the fully
>>> qualified domain name of a mail host and a preference value. The host
>>> name must map directly to one or more address record (A, or AAAA) in the
>>> DNS, and must not point to any CNAME records.[1]
>>> 
>>> ---------------------------------------------------------------------------------
>>>  
>> 
>> Thanks for this, Pak. For some time I've wondered where it's specified that 
>> MX records must not point to CNAME records. I see now that it's in RFC 2181, 
>> Section 10.3.
>> 
> I haven't thought this through, but could it be that some services honour SPF 
> records more than others? Even if my MX record is an IP, not an A record, but 
> I explicitly define that IP as an acceptable sender in my SPF record, that 
> could be helping.
> 
> eg: My MX record is X.X.X.X instead of an A record, but my SPF record in DNS 
> explicitly states : "v=spf1 a mx ip4:X.X.X.X -all", which means I authorise 
> sending mail from my domain's A record, my MX and also from the IP X.X.X.X 
> but none other.

first of all, RFC demands that MX HAS to be a fully qualified domain name and 
neither an A record nor a CNAME. (As has been pointed out previously - thanks 
for the wiki reference, Eric, by the way).
Secondly, some services actually ignore SPF completely (same goes for DKIM), so 
using either technology is no guarantee that SMTP servers accept mail from you.
That is because both SPF and DKIM are optional gimmicks and thus you cannot 
rely on them to help you achieve good deliverability. They can only help if the 
receiving mail server is aware of these protocols.
Also keep in mind that from the two, SPF is the weaker technology as spoofing 
IP addresses is much easier than forging a DKIM signature.

Are you having trouble getting mails delivered to remote hosts?

Regards,

Martin

--
Martin Waschbüsch
IT-Dienstleistungen
Schumacherring 29
81737 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
[email protected]
http://www.waschbuesch.it


---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
    Vickers Consulting Group offers Qmailtoaster support and installations.
      If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
     Please visit qmailtoaster.com for the latest news, updates, and packages.

      To unsubscribe, e-mail: [email protected]
     For additional commands, e-mail: [email protected]


Reply via email to