First, you only need SPF records for the servers that would SEND mail.
The MX records tell the world where you RECIEVE mail.
If you do sometimes send mail from both servers, you could create a
single TXT record for the afnet.net domain with both servers in it like
this:
afnet.net. IN TXT "v=spf1 a:mmail.afnet.net
a:mail2.afnet.net -all"
That basically says afnet.net will only send mail from the following two
servers, mmail and mail2.
-----Original Message-----
From: Bass [mailto:bass@afnet.net]
Sent: Friday, August 29, 2008 8:05 AM
To: spf-help@v2.listbox.com
Subject: Re: [spf-help] mechanism options
in fact i have 2 MX records but i only use 1 of them at a time and if
i'm
blacklisted i can change it while trying to whitelist the other one
(it's
the best way i found because we are not able to control users trafic in
some
cybercafes)
so i have 2 "A" records
mmail.afnet.net 213.136.109.60
mail2.afnet.net 213.136.109.6
is that ok ? or i have to add something to the SPF record for mmail
about
mail2.afnet.net and if so can you please advise ?
thanks
----- Original Message -----
From: "Steve Yates" <steve@teamITS.com>
To: <spf-help@v2.listbox.com>
Sent: Wednesday, August 27, 2008 4:29 PM
Subject: RE: [spf-help] mechanism options
Bass wrote on 8/27/2008 11:00:39 AM:
> afnet.net. IN TXT "v=spf1 mx -all"
> mmail.afnet.net. IN TXT "v=spf1 a -all"
> mail2.afnet.net. IN TXT "v=spf1 a -all"
>
> mmail.afnet.net is the HELO name of my server, can someone check this
?
> mail2 is a second server we have not installed yet.
Received: from MMAIL.afnet.net (mail2.afnet.net [213.136.109.6]) by
thorn.listbox.com (Postfix) with ESMTP id 96D932195A for
<spf-help@v2.listbox.com>; Wed, 27 Aug 2008 12:01:09 -0400 (EDT)
mmail.afnet.net looks correct for HELO per the message you sent
to the list. However the IP used is 213.136.109.6 which is mail2? If
so your SPF record for mmail.afnet.net only references "a", which is
213.136.109.60, so that should fail SPF.
> i'm wondering if i should keep the -all or use ~all for the first line
Eventually you should use -all once you are sure you've listed
all the server hostnames/IPs correctly.
-----
SPF FAQ:
http://www.openspf.org/FAQ Common mistakes:
http://www.openspf.org/FAQ/Common_mistakes - Steve Yates
- ITS, Inc.
- I think, therefore I am confused.
~ Taglines by Taglinator: www.srtware.com ~
-------------------------------------------
Sender Policy Framework:
http://www.openspf.org Modify Your Subscription:
http://www.listbox.com/member/ Archives:
https://www.listbox.com/member/archive/1020/=now RSS Feed:
https://www.listbox.com/member/archive/rss/1020/ Powered by Listbox:
http://www.listbox.com -------------------------------------------
Sender Policy Framework:
http://www.openspf.org Modify Your Subscription:
http://www.listbox.com/member/ Archives:
https://www.listbox.com/member/archive/1020/=now RSS Feed:
https://www.listbox.com/member/archive/rss/1020/ Powered by Listbox:
http://www.listbox.com -------------------------------------------
Sender Policy Framework:
http://www.openspf.org Modify Your Subscription:
http://www.listbox.com/member/ Archives:
https://www.listbox.com/member/archive/1020/=now RSS Feed:
https://www.listbox.com/member/archive/rss/1020/ Powered by Listbox:
http://www.listbox.com