Mailing List Archive

Quick question about result="none" in a response from spf-test@openspf.org:

Test result: Mail-From Result="pass": Mail From="info@slayman.com <https://box133.bluehost.com:2096/3rdparty/squirrelmail/src/compose.php?send_to=info%40slayman.com>" HELO name="outbound-mail-145.bluehost.com" HELO Result="none" Remote IP="67.222.38.35"

slayman.com's SPF record: "v=spf1 a a:artfulmedia.net
include:bluehost.com ~all"
bluehost.com's SPF record: "v=spf1 ip4:66.147.240.0/20
ip4:67.222.65.0/19 ip4:69.89.16.0/20 ip4:74.220.192.0/19
ip4:67.222.32.0/19 a mx ptr ptr:0catch.com ~all"

Since Bluehost's SPF record includes "ptr," shouldn't that cover
outbound-mail-145.bluehost.com? And shouldn't the result then be "pass"
instead of "none"?

Thanks,
Andrew

P.S. I think I figured out the answer to my question below: I do *not*
want to add null records for subdomains, since the subdomains resolve to
the same IP as the mail-sending domain.

-------- Original Message --------
Subject: Re: [spf-help] Help setting up SPF record
Date: Tue, 17 Mar 2009 08:05:17 -0600
From: Andrew Slayman <slayman@artfulmedia.net>
Organization: Artful Media LLC
To: spf-help@v2.listbox.com
References: <49BEE122.5030403@artfulmedia.net>
<49BEE5FA.2040807@thinktwice.ro> <49BF2EBD.3000601@artfulmedia.net>
<43ea8d070903170033m73ec84c9m2a7b6cb950b72532@mail.gmail.com>



One more question: Is there any benefit to publishing null records for
subdomains like mail.slayman.com and www.slayman.com? Or any reason not to?

I don't have any @mail... or @www... e-mail addresses, and as far as I
can tell the domains never appear in any of my mail headers. They do,
however, resolve to the same IP as slayman.com.

Rob MacGregor wrote:
> On Tue, Mar 17, 2009 at 05:01, Andrew Slayman <info@artfulmedia.net> wrote:
>
>> Very helpful. Thank you, Andrew
>>
>> Edi Mitrea wrote:
>>
>>> you can assign as many outbound servers as you want. first of all you
>>> should include your public ip for domain slayman.com and it will be enough:
>>>
>>> v=spf1 ip4:69.89.26.91/32 ip4:69.89.22.133/32 a mx a:slayman.com
>>> mx:slayman.com a:bluehost.com ~all
>>>
>>> as far as outbound-mail-<ip>.bluehost.com i think it is best to put
>>> "a:bluehost.com" because are generated dynamically or have reverse zone
>>> defined.
>>>
>
> That record is:
>
> a) Not well formed
>
> For domain slayman.com "mx" and "mx:slayman.com" and "a" and
> "ip4:69.89.26.91/32" are identical. Listing it 4 times serves no
> purpose.
>
> "a:bluehost.com" only allows the host "bluehost.com" (74.220.195.50)
> to send email.
>
> b) Unlikely to work for you and will result in all your email being
> rejected/marked as spam by SPF aware mail servers
>
> It authorises 3 IPs in total, none of which are the IP seen sending your email.
>
>
> Far better would be to use the SPF record Bluehost publish:
>
> v=spf1 include:bluehost.com ~all
>
> Even if their record isn't the best either ;)
>
>

--
Andrew Slayman, Director
Artful Media LLC
www.artfulmedia.net
www.slayman.com
tel. +1-207-837-3693





-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com