SPF/TXT records

Jeff Lightner jlightner at water.com
Wed Jun 17 15:19:57 UTC 2009 

Right my relay might want it but if so that would be in my internal
view. The Exchange and Sendmail servers only allow relay from specific
locations and neither is using SPF to authenticate so far as I know.

My question was more related to external view - what do people on the
internet expect to see defined as SFP/TXT record to verify it is a valid
email?

I'm quite certain Sendmail is not sending any water.com email and that
Exchange is not sending any waterinvoice.com email based on the Sendmail
configuration of atuprd01.water.com - it uses a mailer table to
determine which host to relay through specifically based on the domain
of the email message "sender".

-----Original Message-----
From: bind-users-bounces at lists.isc.org
[mailto:bind-users-bounces at lists.isc.org] On Behalf Of Matus UHLAR -
fantomas
Sent: Wednesday, June 17, 2009 11:10 AM
To: bind-users at lists.isc.org
Subject: Re: SPF/TXT records

On 17.06.09 10:46, Jeff Lightner wrote:
> When one sets SPF/TXT record is it for the relay server/IP that sent
the
> email to the internet or the originating one?

maybe even both. If the outgoing mail relay checks for SPF, and you
don't
use SMTP authentication (in which case relays may not check for SPF),
you
need SPF for originating server to, so the relay doesn't reject the mail
imediately. If the relay sends such mail to other servers, its IP should
be
in SPF too.

I have SPF for fantomas.sk:

fantomas.sk.            43200   IN      SPF     "v=spf1 mx -all"

it should be checked when someone is trying to send mail with
@fantomas.sk
as envelope from address.

> For example we have a server (atuprd01.water.com) that can not be
> reached via the internet.  Email originating there is relayed through
> our MS-Exchange server (if sent with domain water.com) or a Linux
> Sendmail server (if sent with domain waterinvoice.com).  All email
sent
> via exchange goes out an IP separate from incoming mail (MX) IP.   All
> email sent via Sendmail has a separate IP from incoming mail (MX) IP.

>  
> Should the SPF specify the outbound IP (e.g. 12.44.84.204 for
> atlsnml2.waterinvoice.com) for the Sendmail server email or the
IP/name
> for atuprd01.water.com? 

water.com should have your ms exchange's IP and waterinvoice.com should
have
your linux servers' IP. Watch out if there is really no email going from
water.com via your linux server and no mail coming from waterinvoice.com
via
your exchange server...

I assume 

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
99 percent of lawyers give the rest a bad name. 
_______________________________________________
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
 
Please consider our environment before printing this e-mail or attachments.
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------

More information about the bind-users mailing list