[PLUG] SPF records in DNS zone files
Russ Johnson
russj at dimstar.net
Tue Mar 30 13:27:02 UTC 2004
Rich Shepard wrote:
> Are folks adding spf records to their dns zone files? Aracnet did so for
>my domain when I asked this morning. The format is simple:
>
>domain_name.tld IN TXT "v=spf1 a mx ptr -all"
>
> With this in place, spf-enabled MTAs can verify that mail supposedly from
>your domain name was sent by a defined mail server at your IP address. Seems
>to me this will help reduce spam once spf records are generally implemented.
>
I like the idea. I just haven't been able to reconcile how it would be
best to set up in my environment.
All of *MY* email from dimstar.net comes from my server at
mail.dimstar.net. But this is not the problem.
My kids and my girlfriend live elsewhere in Oregon, and have a different
connection to the net. They have email addresses on my server, and pick
up from mail.dimstar.net.
However, due to restrictions, they must send through the provider they
are connected to. So their dimstar.net email will come from a
centurytel.net mail server.
It just doesn't seem proper to list a centurytel mail server as one of
my spf records.
Yes, I could set up a vpn connection from their house to mine. Or I
could set up a mail server at their house that forwards to the
centurytel server. Seems like a lot of work.
These folks have very simple networks. Hardware (netgear) firewall, with
Windows machines behind them. They are 100+ miles from me, so when
things go bad, I can't just drive over on a whim.
So. My question remains, what's the best thing to do? I'm sticking with
no spf records for now.
Russ
More information about the PLUG
mailing list