Hello,
Our first attempt to implement SPF failed with the ISP that maintains the
authoratative nameserver for one domain, Interland, refusing to add PTR.
Since then, last Wednesday, I've been looking into setting up a common DNS
for all our customers, many of whom use Mdaemon for email. Mdaemon currently
supports SPF.
Reading everything I could find on Pobox.com about setting up SPF has left
me confused. It appears that SPF is sort of Reverse-ARP. If that be true
most IP databases are maintained by the ISP that was originally allocated
the IP block from Arin. Example: mail.biltmorefarms.com has MX record in
authoratative nameserver pointing to A:208.62.177.194. However, if you go to
Arin www.arin.net and use their Whois lookup for this IP you get 'Bell
South'. Bell South is the ISP that provides the T1 for the customer assigned
a block of IP's including 208.62.177.194. Unless the customer, specifically
informs Bell South that mail.biltmorefarms.com is at 208.62.177.194 and they
add it to their hosts table, you can't do a reverse lookup.
Running the SPF wizard produced a suggested TXT entry to be added to DNS. It
doesn't state WHICH DNS. Is this the authoratative nameserver for the domain
OR the authoratative nameserver for the IP? BIG DIFFERENCE!
Also, I understand the difference between the information contained in the
PTR and the MX record. However, in most cases I deal with the receiver of
email, MX, is also the sender for the domain. SO WHY can't SPF just use the
MX record to verify that the IP address within the email header matches the
MX record for the domain supposedly sending the email; and if a PTR exists,
use it to enable the designation of a different sender and/or multiple
senders.
Sorry this is so long, just trying to give enough information. Remember I'm
new to this, but have customers that are really upset with SPAM and
particularly address spoofing.
W. Tom Anderson
-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
Our first attempt to implement SPF failed with the ISP that maintains the
authoratative nameserver for one domain, Interland, refusing to add PTR.
Since then, last Wednesday, I've been looking into setting up a common DNS
for all our customers, many of whom use Mdaemon for email. Mdaemon currently
supports SPF.
Reading everything I could find on Pobox.com about setting up SPF has left
me confused. It appears that SPF is sort of Reverse-ARP. If that be true
most IP databases are maintained by the ISP that was originally allocated
the IP block from Arin. Example: mail.biltmorefarms.com has MX record in
authoratative nameserver pointing to A:208.62.177.194. However, if you go to
Arin www.arin.net and use their Whois lookup for this IP you get 'Bell
South'. Bell South is the ISP that provides the T1 for the customer assigned
a block of IP's including 208.62.177.194. Unless the customer, specifically
informs Bell South that mail.biltmorefarms.com is at 208.62.177.194 and they
add it to their hosts table, you can't do a reverse lookup.
Running the SPF wizard produced a suggested TXT entry to be added to DNS. It
doesn't state WHICH DNS. Is this the authoratative nameserver for the domain
OR the authoratative nameserver for the IP? BIG DIFFERENCE!
Also, I understand the difference between the information contained in the
PTR and the MX record. However, in most cases I deal with the receiver of
email, MX, is also the sender for the domain. SO WHY can't SPF just use the
MX record to verify that the IP address within the email header matches the
MX record for the domain supposedly sending the email; and if a PTR exists,
use it to enable the designation of a different sender and/or multiple
senders.
Sorry this is so long, just trying to give enough information. Remember I'm
new to this, but have customers that are really upset with SPAM and
particularly address spoofing.
W. Tom Anderson
-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com