|
Orin,
If you use a different IP to send out "friends"
bounce messages you might add those IPs also to your SPF record.
----- Original Message -----
Sent: Monday, December 04, 2006 6:58
PM
Subject: [SurgeMail List] Setting up SPF
Records
Stuart,
Sometime ago you sent a message on this subject
pointing to the SPF wizard at http://spf.pobox.com
Last week when our DNS provider
was given a nice DDoS attack taking down all 4 of their servers located at
geographically diverse locations we got the message that we probably should be
using at least two DNS providers. We were toying with it because the
primary one does not provide TXT records. So now I am struggling with
setting up the correct entries. We use a single IP address to send out
all email for all domains although we found that it is possible for this IP
address to go down on us (It is a separate feed and not in the same subnet as
our other addresses). But we also found when it went out one time that
Surgemail defaulted to an address we normally use for administration
purposes.
So we now have two A records in the DNS entries for
our primary domain which are smtp.awasco.com and smtp2.awasco.com reflecting
the IP addresses for Surgemail.
In running a test scenario through the
wizard I ended up with the following string:
awasco.com. IN TXT "v=spf1 a:smtp.awasco.com a:smtp2.awasco.com
~all"
Does this look right to you?
Now some time back Barry also
indicated that it is best to use "-all" rather than "~all" and although you
used a "-all" in an example you later corrected it to "~all"
And can
you elaborate on the difference in actions between the "-all" and "~all"
parameters?
Now I think the reason this does not include the "MX"
parameter presumably is that we never send on the incoming address(es) pointed
to by the MX records.
|
awasco.com