Mailing List Archive

Assistance
Hello folks

I need some help with the syntax in my SPF text. My outgoing email server name is emailserver2.goodwill-lbsb.org at 65.60.89.167. The incoming email goes to mx.goodwillsolac.org.

My ISP suggests the SPF of "v=spf1 mx ~all". I do not see why mx is needed.

There are two active domains, goodwill-lbsb.org and goodwillsolac.org.

I think the spf should read as "v=spf1 ip4:65.60.89.167 -all" for both above mentioned domain names. Will this spf work?

I have access to DNS records management.

Thank you.

Scott

---
Scott Hostetler, MS

Think Good. Think Goodwill.(tm)
This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication.
Help us keep the environment clean, please don't print this e-mail unless absolutely necessary.




-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Re: Assistance
Hi Scott,

You are correct. Your SPF record should list the servers which send mail
for your domain. Hosts that receive mail for your domain are not
relevant to your SPF record.

Is 65.60.89.167 the only host that sends mail for your domains?

I'd also recommend using ~all while testing your records. Once you're
satisfied that they're correct, change to -all.

Andrew

On 28/10/2010 6:05 PM, Hostetler, Scott wrote:
> Hello folks
>
> I need some help with the syntax in my SPF text. My outgoing email server name is emailserver2.goodwill-lbsb.org at 65.60.89.167. The incoming email goes to mx.goodwillsolac.org.
>
> My ISP suggests the SPF of "v=spf1 mx ~all". I do not see why mx is needed.
>
> There are two active domains, goodwill-lbsb.org and goodwillsolac.org.
>
> I think the spf should read as "v=spf1 ip4:65.60.89.167 -all" for both above mentioned domain names. Will this spf work?
>
> I have access to DNS records management.
>
> Thank you.
>
> Scott
>


Re: Assistance
At 23:05 28/10/2010 Thursday, Hostetler, Scott wrote:
>Hello folks
>
>I need some help with the syntax in my SPF text. My outgoing email server name is emailserver2.goodwill-lbsb.org at 65.60.89.167. The incoming email goes to mx.goodwillsolac.org.

usually I point out we don't need to know your incoming setup at this point; in light of your question below I refrain

>My ISP suggests the SPF of "v=spf1 mx ~all". I do not see why mx is needed.

Your ISP is (by this evidence) totally ignorant about the purpose and use of SPF, and the last person in the world to look for advice from.

>There are two active domains, goodwill-lbsb.org and goodwillsolac.org.

excellent (info we can use)


>I think the spf should read as "v=spf1 ip4:65.60.89.167 -all"

you would be (mostly) correct

> for both above mentioned domain names. Will this spf work?

yes but partially,

SPF validates 2 things (the envelope from, AND the sending servers EHLO/HELO greeting)
(it also should invalidate all domains not used for either role above)

thus 1 spf per sending domain AND 1 spf per sending server
(and if being properly utilised 1 more for every other A or MX domain, like www.domain)

in your case 3 positive ones, undetermined negative ones (a negative spf is v=spf1 -all)

so a look at headers in this mail tells me your server 65.60.89.167 has more pressing issues than SPF
but firstly I'll point out the SPF related ones
header (Received: from emailserver2.goodwill-lbsb.org (unknown [65.60.89.167]) by
b-lb-mx-sd.listbox.com (Postfix) with ESMTP id BE838227B for
<spf-help@listbox.com>; Thu, 28 Oct 2010 18:07:19 -0400 (EDT))

from this I can see 3 things: your helo/ehlo, your ip, and that your ptr is broken (the 'unknown' reference)

1 it HELO/EHLO's as emailserver2.goodwill-lbsb.org thus the domain
emailserver2.goodwill-lbsb.org needs an spf of "v=spf1 ip4:65.60.89.167 -all" also

2 more basic than spf, a lookup of your ip's name (ptr record) gives the name
mx.goodwillsolac.org which is bad, very bad for 2 reasons

A mx.goodwillsolac.org does not exist, thus most receivers will not even bother to look at spf as "you already forged your identity records" (lack of FCRDNS is a drop and forget issue)

B even if it did exist it's a different organisation/parent-domain to your HELO/EHLO thus even if your HELO/EHLO checks out there is no way to know that the mailserver issuing it isn't running without the machine/ip owner's consent (think hacked server/ratware/bot-infected machine)

the fix is of course to fix the ptr

the ptr could be pointed to mx.goodwill-lbsb.org or any other name.goodwill-lbsb.org (which has been setup and pointed at 65.60.89.167)

which would then pass the two tests above

A mx.goodwill-lbsb.org does exist and points to 65.60.89.167 so provides FCRDNS
B is in the same organisation/parent-domain as your helo/ehlo thus proves the SMTP sender is authorised and additionally proves the SMTP server is not running without your permission as a bot can only helo/ehlo with a name it can find from looking up its own ptr and your server doesn't (so extra credit from receivers that look deeply for 'evidence of admin being competent')

my own basic guide to this and all sender related setup issues is here
http://www.alandoherty.net/info/mailservers/



>I have access to DNS records management.
>
>Thank you.
>
>Scott
>



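
The checks discussed in the replies above (`mx` versus `ip4`, a separate SPF record for the HELO name, a negative record for unused names, and a PTR that forward-confirms) can be tried offline with the following added example, which is not from any poster in the thread. It evaluates only the `ip4`, `mx` and `all` mechanisms; every name, address and DNS entry is constructed from documentation ranges, and `check_spf`, `fcrdns` and `audit` are hypothetical helper names.

```python
import ipaddress

# Constructed DNS data (documentation ranges): out.example.org sends, mx.example.org only receives.
DNS = {
    ("example.org", "MX"): ["mx.example.org"],
    ("mx.example.org", "A"): ["198.51.100.10"],
    ("out.example.org", "A"): ["192.0.2.25"],
    ("192.0.2.25", "PTR"): ["out.example.org"],
    ("198.51.100.77", "PTR"): ["mx.example.net"],   # PTR name with no A record
}
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def lookup(name, rtype):
    return DNS.get((name, rtype), [])

def check_spf(record, ip, domain):
    """Evaluate a subset of SPF (ip4, mx, all) for one identity."""
    if not record:
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:            # skip the "v=spf1" version tag
        qual = term[0] if term[0] in RESULTS else "+"
        mech, _, arg = term.lstrip("+-~?").partition(":")
        if mech == "all":
            hit = True
        elif mech == "ip4":
            hit = addr in ipaddress.ip_network(arg, strict=False)
        elif mech == "mx":
            hit = any(ip in lookup(h, "A") for h in lookup(arg or domain, "MX"))
        else:
            return "permerror"                 # mechanism outside this subset
        if hit:
            return RESULTS[qual]
    return "neutral"

def fcrdns(ip):
    """Forward-confirmed reverse DNS: a PTR name must resolve back to the same ip."""
    return any(ip in lookup(name, "A") for name in lookup(ip, "PTR"))

def audit(ip, helo, mail_from_domain, records):
    """Check both SPF identities (MAIL FROM domain and HELO name) plus FCrDNS."""
    return {
        "mailfrom": check_spf(records.get(mail_from_domain), ip, mail_from_domain),
        "helo": check_spf(records.get(helo), ip, helo),
        "fcrdns": fcrdns(ip),
    }

if __name__ == "__main__":
    print(audit("192.0.2.25", "out.example.org", "example.org", {"example.org": "v=spf1 mx ~all"}))
```

With only the `mx` record published, the legitimate outbound host gets a softfail and its HELO name has no record at all; publishing `ip4` records for both the domain and the HELO name makes both identities pass.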