speeder503
asked on
SPF email record
Hello Experts,
Our company has recently migrated email servers and we need to verify our SPF records are correct. Its a simple environment with an exchange box sitting behind a barracuda spam firewall. Here is what we have: (ive changed the info a bit to protect privacy)
mx record: mx01.somecompany.com
internal exchange server: mx01.eh.local
send connector on exchange: mx01.somecompany.com
receive connector on exchange: mx01.somecompany.com
barracuda spam filter (we run outbound messages through it): ehba-001.somecompany.com
our current spf record:
v=spf1 mx ptr ip4:[64.10.10.10] mx:mx01.somecompany.com -all
Here is a bounce back message from a hotmail account:
X-ASG-Debug-ID: 1299333332-03ca88770711720 001-lEgx0r
Received: from mx01.somecompany.com (mx01.eh.local [10.20.8.3]) by
EHBA-001.somecompany.com with ESMTP id xmFdy9k5s7XQ6JLj for
<someemailaddr@hotmail.com >; Sat, 05 Mar 2011 07:55:36 -0600 (CST)
X-Barracuda-Envelope-From: sender@somecompany.com
Received: from MX01.eh.local ([fe80::7d84:be4a:4192:9c1 ]) by
mx01.eh.local ([fe80::7d84:be4a:4192:9c1 %18]) with mapi id
14.01.0270.001; Sat, 5 Mar 2011 07:53:55 -0600
Do we need to add the barracuda (ehba-001.somecompany.com) to the spf record? Or our internal exchange server (mx01.eh.local)?
Thanks for your help!!
Our company has recently migrated email servers and we need to verify our SPF records are correct. Its a simple environment with an exchange box sitting behind a barracuda spam firewall. Here is what we have: (ive changed the info a bit to protect privacy)
mx record: mx01.somecompany.com
internal exchange server: mx01.eh.local
send connector on exchange: mx01.somecompany.com
receive connector on exchange: mx01.somecompany.com
barracuda spam filter (we run outbound messages through it): ehba-001.somecompany.com
our current spf record:
v=spf1 mx ptr ip4:[64.10.10.10] mx:mx01.somecompany.com -all
Here is a bounce back message from a hotmail account:
X-ASG-Debug-ID: 1299333332-03ca88770711720
Received: from mx01.somecompany.com (mx01.eh.local [10.20.8.3]) by
EHBA-001.somecompany.com with ESMTP id xmFdy9k5s7XQ6JLj for
<someemailaddr@hotmail.com
X-Barracuda-Envelope-From:
Received: from MX01.eh.local ([fe80::7d84:be4a:4192:9c1
mx01.eh.local ([fe80::7d84:be4a:4192:9c1
14.01.0270.001; Sat, 5 Mar 2011 07:53:55 -0600
Do we need to add the barracuda (ehba-001.somecompany.com)
Thanks for your help!!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
In answer to the question, to TEST your SPF record, you have many options:
1) If you have a Linux system, use the command (part of bind/named)
2) If you want a web-based test, try here
Good Luck!
Dan
IT4SOHO
1) If you have a Linux system, use the command (part of bind/named)
dig txt domain.com
-- or, if you're using a newer DNS server, try --
dig spf domain.com
In either case, your SPF record will be in the response-- or, if you're using a newer DNS server, try --
dig spf domain.com
2) If you want a web-based test, try here
Good Luck!
Dan
IT4SOHO
ASKER
Thanks for the suggestions:
I've modified the spf record to read: v=spf1 mx ptr ip4:myaddr -all and it passes on kitterman.com's website. However I still receive a 550 sc-002 message from hotmail.
Im concerned by the following header received by hotmail:
Received: from mx01.somecompany.com (mx01.eh.local [10.20.8.3]) by
EHBA-001.somecompany.com
Are we sure I do not need to add the ip address of EHBA-001.somecompany.com to the spf record?
I've modified the spf record to read: v=spf1 mx ptr ip4:myaddr -all and it passes on kitterman.com's website. However I still receive a 550 sc-002 message from hotmail.
Im concerned by the following header received by hotmail:
Received: from mx01.somecompany.com (mx01.eh.local [10.20.8.3]) by
EHBA-001.somecompany.com
Are we sure I do not need to add the ip address of EHBA-001.somecompany.com to the spf record?
Is EHBA-001.somecompany.com the internal FQDN of your Exchange Server?
v=spf1 mx ptr ip4:[64.10.10.10] mx:mx01.somecompany.com -all
Then you need to remove the square brackets from around the IP Address so it looks like this:
v=spf1 mx ptr ip4:64.10.10.10 mx:mx01.somecompany.com -all