Mailing List Archive: Multihomed Mail Server with SPF

Multihomed Mail Server with SPF

Aug 5, 2004, 7:02 AM

Post #1 of 4 (2915 views)

I have a single mail server that is multihomed with two ISPs and I have two
A records:

mailhost A 1.2.3.4
mailhost A 4.3.2.1

I have reverse lookup pointers for both IPs that point at mailhost.

1.2.3.4 PTR mailhost.mydomain.com
4.3.2.1 PTR mailhost.mydomain.com

Will the SPF record below work or could there be a problem? Will
check_host() check for all A records for mailhost before it fails or could
the sender get "unlucky"?

"v=spf1 mx -all"

Regards,

Bob Davis

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Multihomed Mail Server with SPF [ In reply to ]

bdavis at daviscomms

Aug 5, 2004, 7:02 AM

Post #2 of 4 (2940 views)

Permalink

Re[2]: Multihomed Mail Server with SPF [ In reply to ]

bdavis at daviscomms

Aug 5, 2004, 9:44 PM

Post #3 of 4 (2957 views)

Permalink

Hi Koen,

Thanks much, your answer supplies the missing bit of information.

The draft doesn't really say that "all A records are checked for each MX
name returned".

Best Regards

Bob Davis

______________________________ Reply Separator _________________________________
Subject: Re: [spf-help] Multihomed Mail Server with SPF
Author: Koen Martens <spf@metro.cx> at Internet
Date: 8/6/2004 9:24 AM

Hi,

From http://spf.pobox.com/mechanisms.html#mx:

All the A records for all the MX records for domain are tested in order
of MX priority. If the client IP is found among them, this mechanism
matches.

Also, in the draft:

check_host() first performs an MX lookup on the <target-name>. Then
perform an A lookup on each MX name returned, in order of MX
priority. The <ip> is compared to each returned IP address. If any
address matches, the mechanism matches.

Koen

On Thu, Aug 05, 2004 at 02:02:37PM +0000, Bob Davis wrote:
> I have a single mail server that is multihomed with two ISPs and I have two
> A records:
>
> mailhost A 1.2.3.4
> mailhost A 4.3.2.1
>
> I have reverse lookup pointers for both IPs that point at mailhost.
>
> 1.2.3.4 PTR mailhost.mydomain.com
> 4.3.2.1 PTR mailhost.mydomain.com
>
> Will the SPF record below work or could there be a problem? Will
> check_host() check for all A records for mailhost before it fails or could
> the sender get "unlucky"?
>
> "v=spf1 mx -all"
>
> Regards,
>
> Bob Davis
>
>
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your
subscription,
> please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

Re: Multihomed Mail Server with SPF [ In reply to ]

spf at metro

Aug 6, 2004, 12:24 AM

Post #4 of 4 (2963 views)

Permalink

Hi,

From http://spf.pobox.com/mechanisms.html#mx:

All the A records for all the MX records for domain are tested in order
of MX priority. If the client IP is found among them, this mechanism
matches.

Also, in the draft:

check_host() first performs an MX lookup on the <target-name>. Then
perform an A lookup on each MX name returned, in order of MX
priority. The <ip> is compared to each returned IP address. If any
address matches, the mechanism matches.

Koen

On Thu, Aug 05, 2004 at 02:02:37PM +0000, Bob Davis wrote:
> I have a single mail server that is multihomed with two ISPs and I have two
> A records:
>
> mailhost A 1.2.3.4
> mailhost A 4.3.2.1
>
> I have reverse lookup pointers for both IPs that point at mailhost.
>
> 1.2.3.4 PTR mailhost.mydomain.com
> 4.3.2.1 PTR mailhost.mydomain.com
>
> Will the SPF record below work or could there be a problem? Will
> check_host() check for all A records for mailhost before it fails or could
> the sender get "unlucky"?
>
> "v=spf1 mx -all"
>
> Regards,
>
> Bob Davis
>
>
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your subscription,
> please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com