Re: Checking proper SPF record
Hi there, On Wed, 9 Jul 2014, Alex wrote: Thought I'd try this again. ... You'll get much better help on the right list. spf-h...@listbox.com -- 73, Ged. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Checking proper SPF record
Hi, I have a mail server that manages mail for about ten domains, using bind-9.9.4-12.P2 on fedora20. I'd like to make sure my SPF record in my SOA is set up correctly, and hoped someone could help. Currently I have the following: $TTL 1d @ INSOA ns.example.com. admin.ns.example.com. ( 2011041707 ;serial (mmddxx) 3h ;refresh every 3 hours 1h ;retry every 1 hr 7d ;expire in 7 days 1d );minimum ttl 1 day IN NS ns.example.com. IN NS ns1.example.com. IN NS ns2.example.com. A 192.168.1.10 IN MX 10 smtp.example.com. IN TXT v=spf1 mx a ip4:192.168.1.11/32 ip4:192.168.2.11/32 a:smtp.example.com a:smtp1.example.com -all ns IN TXT v=spf1 a -all ns1 IN TXT v=spf1 a -all ns2 IN TXT v=spf1 a -all smtpIN TXT v=spf1 a -all smtp1 IN TXT v=spf1 a -all I believe there is a new SPF TXT entry in addition to the one I've created above that's now being used? The references I read were unclear. Does this look correct? I'd have to add this SOA to every domain the mail server manages, correct? The smtp and smtp1 servers are the only two servers that should be responsible for this domain. Any ideas greatly appreciated. Thanks, Alex ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Checking proper SPF record
http://www.kitterman.com/spf/validate.html - Kevin On 7/8/2014 12:43 PM, Alex wrote: Hi, I have a mail server that manages mail for about ten domains, using bind-9.9.4-12.P2 on fedora20. I'd like to make sure my SPF record in my SOA is set up correctly, and hoped someone could help. Currently I have the following: $TTL 1d @ INSOA ns.example.com http://ns.example.com. admin.ns.example.com http://admin.ns.example.com. ( 2011041707 ;serial (mmddxx) 3h ;refresh every 3 hours 1h ;retry every 1 hr 7d ;expire in 7 days 1d );minimum ttl 1 day IN NS ns.example.com http://ns.example.com. IN NS ns1.example.com http://ns1.example.com. IN NS ns2.example.com http://ns2.example.com. A 192.168.1.10 IN MX 10 smtp.example.com http://smtp.example.com. IN TXT v=spf1 mx a ip4:192.168.1.11/32 http://192.168.1.11/32 ip4:192.168.2.11/32 http://192.168.2.11/32 a:smtp.example.com http://smtp.example.com a:smtp1.example.com http://smtp1.example.com -all ns IN TXT v=spf1 a -all ns1 IN TXT v=spf1 a -all ns2 IN TXT v=spf1 a -all smtpIN TXT v=spf1 a -all smtp1 IN TXT v=spf1 a -all I believe there is a new SPF TXT entry in addition to the one I've created above that's now being used? The references I read were unclear. Does this look correct? I'd have to add this SOA to every domain the mail server manages, correct? The smtp and smtp1 servers are the only two servers that should be responsible for this domain. Any ideas greatly appreciated. Thanks, Alex ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Checking proper SPF record
Hi there, On Tue, 8 Jul 2014, Alex wrote: ... Does this look correct? ... No, it's terrible. Drop a line over at the SPF-users mailing list, they'll sort you out. Use real names and addresses, then it's more than just a conjecture. This will all be published for the world to see anyway, so there's no sense at all in using bogus data, and if you use real data people can really check it for you. 73, Ged. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Checking proper SPF record
IN TXT v=spf1 mx a ip4:192.168.1.11/32 ip4:192.168.2.11/32 a:smtp.example.com a:smtp1.example.com -all go away with anonymized data if you want help espcially in case of data which will made public anyways signature.asc Description: OpenPGP digital signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Checking proper SPF record
Hi all, Thought I'd try this again. Thanks so much for your help. I'm using bind-9.9.4-12.P2 on fedora20. $TTL 1d @ INSOA ns.guardiandigital.com. admin.ns.guardiandigital.com. ( 2014070701 ;serial (mmddxx) 3h ;refresh every 3 hours 1h ;retry every 1 hr 7d ;expire in 7 days 1d );minimum ttl 1 day IN NS ns.guardiandigital.com. IN NS ns1.guardiandigital.com. IN NS ns2.guardiandigital.com. A 64.1.16.14 IN MX 10 smtp.guardiandigital.com. IN TXT v=spf1 mx a ip4:64.1.16.3/32 ip4:64.1.16.27/32 ip4: 66.104.218.98/32 a:smtp.guardiandigital.com a:smtp1.guardiandigital.com ?all ns IN TXT v=spf1 a -all ns1 IN TXT v=spf1 a -all ns2 IN TXT v=spf1 a -all smtpIN TXT v=spf1 a -all smtp1 IN TXT v=spf1 a -all Thanks, Alex ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
