Setting up SPF

Victor Kimura
Hi,

I have a few questions. I'm trying to set up an SPF record using the openspf site:
http://old.openspf.org/wizard.html?mydomain=ultratrust.com

The mail servers are sent and received from mail.ultratrust.com but I think that sending/receiving mail can come from one of the bluehost servers too. I want to send bulk mail to our double opt-in email subscribers using SMTP server from http://SMTP.com while the program itself is coming from a third-party site at http://emailmarketingservicesco.com. So with this in mind I'm wondering how to answer the questions:

1) The second question:
This wizard found 2 names for the MX servers for ultratrust.com: 18-77.bluehost.com and ultratrust.com. (A single machine may go by more than one hostname. All of them are shown.)
MX servers receive mail for ultratrust.com.
Do they also send mail from ultratrust.com?

Here not all the records are shown though. So do I click "yes" or "no"?

2) The third question:
Do you want to just approve any host
whose name ends in ultratrust.com? (Expensive, unreliable and not recommended)
It's referencing the PTR. It states something about expensive, unreliable and not recommended. Why?
Should I click "yes" or "no"?

3) The fourth question:
Do any other servers send mail from ultratrust.com?
Is this a comma separated list of domains or return carriage?

4) It states at the end of this page which was created dynamically by openspf.org:
Any server allowed to send mail from bluehost.com is also allowed to send mail from ultratrust.com.
Should any server from bluehost.com be allowed to send mail or should it only be 18-77.bluehost.com?

5) The page also states:
When a mail server sends a bounce message, it uses a null MAIL FROM: <>, and a HELO address that's supposed to be its own name. SPF will still operate, but in "degraded mode" by using the HELO domain name instead. Because this wizard can't tell which name your mail server uses in its HELO command, it lists all possible names, so there may be multiple lines shown below. If you know which hostname your mail server uses in its HELO command, you should pick out the appropriate entries and ignore the rest.

i) It's under the heading "If you run BIND". So should I just ignore this?
ii) What does it mean by "...SPF will still operate, but in "degraded mode" by using the HELO domain name instead..."?
iii) Should I ignore this part "...If you know which hostname your mail server uses in its HELO command, you should pick out the appropriate entries and ignore the rest..."?

Much thanks,
Victor

Linux Systems Admin
Commented:
0) You might be able to use include:bluehost.com
1) ultratrust just includes bluehost anyway.
2) Anyone can publish a PTR record that ends in ultratrust.com, so therefore you are opening yourself up to abuse. Better to use the ip4: mechanism.
3) Just use a space between each one.
4) If you want to avoid this (minimal) collateral damage you need a dedicated server, not shared hosting. Don't worry about this.
5) Bluehost's problem, not yours.
i) You aren't pasting this directly into a zone file yourself, so this tip doesn't apply to you.
ii) Since there is no sender email address, the sending server name is used instead (for bounces only).
iii) You don't know the HELO name, so ignore it.
bluehost.com.           14400   IN      TXT     "v=spf1 ip4:66.147.240.0/20 ip4:67.222.65.0/19 ip4:69.89.16.0/20 ip4:74.220.192.0/19 ip4:67.222.32.0/19 ip4:70.40.192.0/19 ip4:67.20.64.0/18 a mx ptr ptr:0catch.com ~all"

ultratrust.com.         14400   IN      TXT     "v=spf1 a mx ptr include:bluehost.com ?all"


Victor Kimura (SEO, Web Developer)

Author

Commented:
Hi bevhost,

Thanks for your help. It's really helpful.

1) Should I be using the above DNS record you gave?

2) I notice there are ip addresses for bluehost.com? Are all these the correct ips? Don't they have hundreds of these ips though?

3) This 18-77.bluehost.com server was generated automatically from the openspf.org site. Should I simply use this email server for the bluehost DNS record? If not, why not?

Much thanks. I'm still learning how to set this up so your answers are helpful. I really appreciated it. =)
David Beveridge (Linux Systems Admin)
Commented:
They do have hundreds of IPs,
e.g.
67.20.64.0/18 is 16384 addresses
/19 is half that number
/20 is half again.

Consider that there are literally millions of IPs on the net; these are but a tiny speck on the global pool.
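
An added example, not part of the original thread: a small offline audit of the two SPF records quoted above. It counts the addresses the ip4: terms authorise, lists any ptr terms, and reports the default result from the all term. The function names and the sender addresses in the demo are constructed for illustration, and only ip4 terms are evaluated (a, mx, ptr and include need DNS lookups and are not resolved here).

```python
import ipaddress

# SPF records exactly as posted in the thread above.
BLUEHOST = ("v=spf1 ip4:66.147.240.0/20 ip4:67.222.65.0/19 ip4:69.89.16.0/20 "
            "ip4:74.220.192.0/19 ip4:67.222.32.0/19 ip4:70.40.192.0/19 "
            "ip4:67.20.64.0/18 a mx ptr ptr:0catch.com ~all")
ULTRATRUST = "v=spf1 a mx ptr include:bluehost.com ?all"

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def parse_spf(record):
    """Return the record's mechanisms as (qualifier, name, value) tuples."""
    version, *terms = record.split()
    if version.lower() != "v=spf1":
        raise ValueError("not an SPF version 1 record")
    parsed = []
    for term in terms:
        if "=" in term:          # modifier (redirect=, exp=), not a mechanism
            continue
        qual, body = (term[0], term[1:]) if term[0] in QUALIFIERS else ("+", term)
        name, _, value = body.partition(":")
        parsed.append((qual, name.split("/")[0].lower(), value))
    return parsed

def audit(record):
    """Summarise what a record authorises, using only the text of the record."""
    terms = parse_spf(record)
    nets, unaligned = [], []
    for _, name, value in terms:
        if name == "ip4":
            net = ipaddress.ip_network(value, strict=False)  # tolerate host bits
            if str(net.network_address) != value.split("/")[0]:
                unaligned.append(value)  # written address is not the network base
            nets.append(net)
    return {
        "ip4_addresses": sum(n.num_addresses for n in ipaddress.collapse_addresses(nets)),
        "unaligned": unaligned,
        "ptr": [v or "(own domain)" for _, n, v in terms if n == "ptr"],
        "includes": [v for _, n, v in terms if n == "include"],
        "default": next((QUALIFIERS[q] for q, n, _ in terms if n == "all"), "neutral"),
    }

def ip4_match(record, sender_ip):
    """Result of the first ip4 term covering sender_ip, or None if none does."""
    ip = ipaddress.ip_address(sender_ip)
    for qual, name, value in parse_spf(record):
        if name == "ip4" and ip in ipaddress.ip_network(value, strict=False):
            return QUALIFIERS[qual]
    return None

if __name__ == "__main__":
    for label, rec in (("bluehost.com", BLUEHOST), ("ultratrust.com", ULTRATRUST)):
        print(label, audit(rec))
    for ip in ("67.20.100.25", "192.0.2.10"):  # constructed sender addresses
        print(ip, ip4_match(BLUEHOST, ip))
```

RFC 7208 says the ptr mechanism should not be published, which is why the audit lists ptr terms separately. The `unaligned` entry flags `ip4:67.222.65.0/19`, whose written address is not the base of its /19 block.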
Victor Kimura (SEO, Web Developer)

Author

Commented:
Hi bevhost,

So I should use the above DNS ip4 addresses rather than 18-77.bluehost.com which is the output generated from the openspf.org page?
David Beveridge (Linux Systems Admin)
Commented:
Yes, the ip4: mechanism is good (and way better than PTR).
Victor Kimura (SEO, Web Developer)

Author

Commented:
Thank you. Very helpful. =)
