Victor Kimura
asked on
setting up SPF
Hi,
I have a few questions. I'm trying to set up an SPF record using the openspf site:
http://old.openspf.org/wizard.html?mydomain=ultratrust.com
The mail servers are sent and received from mail.ultratrust.com but I think that sending/receiving mail can come from one of the bluehost servers too. I want to send bulk mail to our double opt-in email subscribers using SMTP server from http://SMTP.com while the program itself is coming from a third-party site at http://emailmarketingservicesco.com. So with this in mind I'm wondering how to answer the questions:
1) The second question:
This wizard found 2 names for the MX servers for ultratrust.com: 18-77.bluehost.com and ultratrust.com. (A single machine may go by more than one hostname. All of them are shown.)
MX servers receive mail for ultratrust.com.
Do they also send mail from ultratrust.com?
Here not all the records are shown though. So do I click "yes" or "no"?
2) The third question:
Do you want to just approve any host
whose name ends in ultratrust.com? (Expensive, unreliable and not recommended)
It's referencing the PTR. It states something about expensive, unreliable and not recommended. Why?
Should I click "yes" or "no"?
3) The fourth question:
Do any other servers send mail from ultratrust.com?
Is this a comma separated list of domains or return carriage?
4) It states at the end of this page which was created dynamcially by openspf.org:
Any server allowed to send mail from bluehost.com is also allowed to send mail from ultratrust.com.
Should any server from bluehost.com be allowed to send mail or should it only be 18-77.bluehost.com?
5) The page also states:
When a mail server sends a bounce message, it uses a null MAIL FROM: <>, and a HELO address that's supposed to be its own name. SPF will still operate, but in "degraded mode" by using the HELO domain name instead. Because this wizard can't tell which name your mail server uses in its HELO command, it lists all possible names, so there may be multiple lines shown below. If you know which hostname your mail server uses in its HELO command, you should pick out the appropriate entries and ignore the rest.
i) It's under the heading "If you run BIND". So should I just ignore this?
ii) What does it mean by "...SPF will still operate, but in "degraded mode" by using the HELO domain name instead..."?
iii) Should I ignore this part "...If you know which hostname your mail server uses in its HELO command, you should pick out the appropriate entries and ignore the rest..."?
Much thanks,
Victor
I have a few questions. I'm trying to set up an SPF record using the openspf site:
http://old.openspf.org/wizard.html?mydomain=ultratrust.com
The mail servers are sent and received from mail.ultratrust.com but I think that sending/receiving mail can come from one of the bluehost servers too. I want to send bulk mail to our double opt-in email subscribers using SMTP server from http://SMTP.com while the program itself is coming from a third-party site at http://emailmarketingservicesco.com. So with this in mind I'm wondering how to answer the questions:
1) The second question:
This wizard found 2 names for the MX servers for ultratrust.com: 18-77.bluehost.com and ultratrust.com. (A single machine may go by more than one hostname. All of them are shown.)
MX servers receive mail for ultratrust.com.
Do they also send mail from ultratrust.com?
Here not all the records are shown though. So do I click "yes" or "no"?
2) The third question:
Do you want to just approve any host
whose name ends in ultratrust.com? (Expensive, unreliable and not recommended)
It's referencing the PTR. It states something about expensive, unreliable and not recommended. Why?
Should I click "yes" or "no"?
3) The fourth question:
Do any other servers send mail from ultratrust.com?
Is this a comma separated list of domains or return carriage?
4) It states at the end of this page which was created dynamcially by openspf.org:
Any server allowed to send mail from bluehost.com is also allowed to send mail from ultratrust.com.
Should any server from bluehost.com be allowed to send mail or should it only be 18-77.bluehost.com?
5) The page also states:
When a mail server sends a bounce message, it uses a null MAIL FROM: <>, and a HELO address that's supposed to be its own name. SPF will still operate, but in "degraded mode" by using the HELO domain name instead. Because this wizard can't tell which name your mail server uses in its HELO command, it lists all possible names, so there may be multiple lines shown below. If you know which hostname your mail server uses in its HELO command, you should pick out the appropriate entries and ignore the rest.
i) It's under the heading "If you run BIND". So should I just ignore this?
ii) What does it mean by "...SPF will still operate, but in "degraded mode" by using the HELO domain name instead..."?
iii) Should I ignore this part "...If you know which hostname your mail server uses in its HELO command, you should pick out the appropriate entries and ignore the rest..."?
Much thanks,
Victor
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Hi bevhost,
So I should use the above DNS ip4 addresses rather than 18-77.bluehost.com which is the output generated from the openspf.org page?
So I should use the above DNS ip4 addresses rather than 18-77.bluehost.com which is the output generated from the openspf.org page?
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Thank you. Very helpful. =)
ASKER
Thanks for your help. It's really helpful.
1) Should I be using the above DNS record you gave?
2) I notice there are ip addresses for bluehost.com? Are all these the correct ips? Don't they have hundreds of these ips though?
3) This 18-77.bluehost.com server was generated automatically from the openspf.org site. Should I simply use this email server for the bluehost DNS record? If not, why not?
Much thanks. I'm still learning how to set this up so your answers are helpful. I really appreciated it. =)