I am trying to help a client of my set up an SPF record for his domain. He has the need to authenticate mail from three locations
1. his domain whistlerreservations.com which is set up with google apps mail
2. Via a third party booking engine that sends mail from the domain rezserve.com
3. Via campaign monitor (cmail1.com) which is an email distribution system.
This is the following SPF that I created
v=spf1 a mx include:rezserve.com include:cmail1.com include:_spf.google.com ~all
I set this up but when I try and verify with
http://www.kitterman.com/spf/validate.html i get the following
Results - PermError SPF Permanent Error: No valid SPF record for included domain: rezserve.com: include:rezserve.com
and any messages sent from rezserve.com on whistlerreservations.com behalf end up in my gmail spam folder
Can somebody please verify this is correct?
Does rezserve.com also have to publish an spf record? and if show what is it that they need to set?
I hacked this together from various sources
1) google apps help - google.com/support/a/bin/a
nswer.py?a
nswer=1787
23]SPF records - Google Apps Help
which says to set the following v=spf1 include:_spf.google.com ~all
2) Campaingmonitor help -help.campaignmonitor.com/
topic.aspx
?t=88
Which says to set - v=spf1 mx include:cmail1.com ~all
Below is the mail header from one of the messages sent from resserve.com
Delivered-To: jac@whistlerwebandprint.co
m
Received: by 10.231.30.196 with SMTP id v4cs105047ibc;
Mon, 28 Feb 2011 13:54:38 -0800 (PST)
Received: by 10.227.156.207 with SMTP id y15mr5389341wbw.38.1298930
077969;
Mon, 28 Feb 2011 13:54:37 -0800 (PST)
Return-Path: <reservations@whistlerrese
rvations.c
om>
Received: from rezserve.com ([204.14.93.102])
by mx.google.com with ESMTPS id p44si7256090wej.197.2011.0
2.28.13.54
.36
(version=TLSv1/SSLv3 cipher=OTHER);
Mon, 28 Feb 2011 13:54:36 -0800 (PST)
Received-SPF: neutral (google.com: 204.14.93.102 is neither permitted nor denied by best guess record for domain of reservations@whistlerreser
vations.co
m)
client-ip=204.14.93.102;
Authentication-Results: mx.google.com; spf=neutral (google.com: 204.14.93.102 is neither permitted nor denied by best guess record for domain of
reservations@whistlerreser
vations.co
m) smtp.mail=reservations@whi
stlerreser
vations.co
m
Received: from rezserve.com (localhost.localdomain [127.0.0.1])
by rezserve.com (8.13.1/8.13.1) with ESMTP id p1SLsT8X032018
for <jac@whistlerwebandprint.c
om>; Mon, 28 Feb 2011 16:54:29 -0500
Received: (from apache@localhost)
by rezserve.com (8.13.1/8.13.1/Submit) id p1SLsTll032016;
Mon, 28 Feb 2011 16:54:29 -0500
Date: Mon, 28 Feb 2011 16:54:29
Since it is in that zone, you don't need the 'include:rezserve.com' entry, so you can delete that portion:
rezserve.com. IN TXT "v=spf1 a mx include:cmail1.com include:_spf.google.com ~all"
Once I removed that part it passed the syntax test. You can also use a wizard to make your SPF entry:
http://old.openspf.org/wiz