On Sonntag, 30. März 2008 dbmail kendrummond.com wrote:
> wouldn't it be better for the domain owner to update
their SPF record
> to allow your server to send mail on their behalf? I
only use SPF on
> my personal domain but I have added a range of valid
SMTP servers to
> my SPF record?
(I answer to the list also for clarification)
Example:
you allow mailserver "My_MX" in your SPF.
you send mail to charlybrown.test (with MX server
mail.brown.test)
he has a forward to mailsrv1.zmi.at (our server).
Our server then sees a message from dbmailkendrummond.com coming from
server mail.brown.test, and checks SPF for your domain, and
this server
is not on the list. Would you like to extend your SPF to
mail.brown.test just because charly wants his e-mail on
another server?
You're not trusting mail.brown.test, so you should not allow
that in
your SPF.
You would have to put every mail server on your SPF from
people who
forward *their* e-mail to another server which checks SPF.
That's a bit
tricky and requires a bit time to understand, I've got
headaches in the
first debug of a rejected SPF e-mail too...
mfg zmi
--
// Michael Monnerie, Ing.BSc ----- http://it-management.at
// Tel: 0676/846 914 666
.network.your.ideas.
// PGP Key: "curl -s http://zmi.at/zmi.asc | gpg
--import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7
1C12 09B4
// Keyserver: www.keyserver.net Key-ID:
1C1209B4
_______________________________________________
DBmail mailing list
DBmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|