Mailing List Archive

Hi,

I don't really know what is being ment with this statement. Could you
explain your specific setup a bit, maybe it helps getting a picture.

Koen

On Fri, Jun 18, 2004 at 12:20:33PM -0700, Shawn Smith wrote:
> I'm not sure if I need to worry about the Note that is listed below when
> I was using the SPF record generator @
> http://spftools.infinitepenguins.net/
>
> Here is the message. "Don't forget to add records for your mailservers
> too, to ensure you receive bounces successfully."
>
> I don't use my MX servers to send the email, but do I need to include
> them anyway? If I don't why would it hinder my mailservers from
> receiving bounces?
>
>
>
> Kind Regards,
>
> Shawn
>
>
>
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your subscription,
> please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

On Jun 18, 2004, at 12:20 PM, Shawn Smith wrote:

> I don't use my MX servers to send the email, but do I need to include
> them anyway? If I don't why would it hinder my mailservers from
> receiving bounces?

I think that this is a concern about receipt of bounces that your
mailserver generates. If there is any possibility that your mailserver
will generate bounces with a HELO of your domain name, be sure to
include those mailservers in the SPF record for your domain.

At least that is my guess as what that is about, though the text that
you quoted (and I've snipped already and am too lazy to get back)
doesn't make things clear.

-j

--
Jeffrey Goldberg http://www.goldmark.org/jeff/

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Let's say I have 4 outbound SMTP servers:
smtpout1.bar.com
smtpout2.bar.com
smtpout3.bar.com
smtpout4.bar.com

I have two inbound SMTP servers that are listed by MX records.
mxin1.bar.com
mxin2.bar.com

I'm thinking I need a SPF record that looks something like this.

bar.com. IN TXT "v=spf1 a:smtpout1.bar.com a:smtpout2.bar.com a:smtpout3.bar.com a:smtpout4.bar.com ~all"

But should I also include my SMTP inboud servers into this SPF record even though they are for inbound email only and if so would all I have to do is just add the 'mx ' into the SPF record, something like this:


bar.com. IN TXT "v=spf1 mx a:smtpout1.bar.com a:smtpout2.bar.com a:smtpout3.bar.com a:smtpout4.bar.com ~all"

So, I'm just trying to see how the best way to create the SPF record.

Thanks,

Shawn


________________________________

From: owner-spf-help@v2.listbox.com on behalf of Koen Martens
Sent: Sat 6/19/2004 3:29 AM
To: spf-help@v2.listbox.com
Subject: Re: [spf-help] SPF record generator question



Hi,

I don't really know what is being ment with this statement. Could you
explain your specific setup a bit, maybe it helps getting a picture.

Koen

On Fri, Jun 18, 2004 at 12:20:33PM -0700, Shawn Smith wrote:
> I'm not sure if I need to worry about the Note that is listed below when
> I was using the SPF record generator @
> http://spftools.infinitepenguins.net/
>
> Here is the message. "Don't forget to add records for your mailservers
> too, to ensure you receive bounces successfully."
>
> I don't use my MX servers to send the email, but do I need to include
> them anyway? If I don't why would it hinder my mailservers from
> receiving bounces?
>
>
>
> Kind Regards,
>
> Shawn
>
>
>
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your subscription,
> please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Shawn Smith wrote:

> I don't use my MX servers to send the email

The idea is probably that your MX _normally_ rejects mail
to say unknown users. But if you have a backup MX at a 3rd
party, and if the backup MX doesn't know which users are ok.,
and if it relays its inbound for you via your MX, then your
MX might decide to bounce mail sent to unknown users.

If your MX relays these bounces via your normal mailout(s),
and never sends any mail directly to 3rd parties, then it's
unnecessary to mention your MX in the sender policy.

If that's really the idea, then the message should read "to
ensure that your bounces are received successfully" instead
of "to ensure you receive bounces successfully". Bye, Frank


-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

On Jun 19, 2004, at 2:32 PM, Shawn Smith wrote:

> But should I also include my SMTP inboud servers into this SPF record
> even though they are for inbound email only and if so would all I have
> to do is just add the 'mx ' into the SPF record

Do those inbound MXes ever generate bounces? Is it at all possible
that they could queue something that eventually generates a DSN? And
if so, is the domain name used in the HELO when they bounce your domain
name?

If the answers to the above are yes (or "possibly") then add the "mx"
to your SPF record.

-j

--
Jeffrey Goldberg http://www.goldmark.org/jeff/

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com