How to set up spf record to correct 550-SPF error

msibley
msibley used Ask the Experts™
on
I have a domain set up with email. When I try to send an email through that address from Outlook at home, I get a bounced message saying

550-SPF: [ip address] is not allowed to send mail from 550 [domain]

Open in new window


How do i fix this? In searching around I've found some posts that indicate that I need a text record. The one on the server currently is

v=spf1 +a +mx -all

Open in new window


Thanks,

Mark
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Hi msibley,

You need to add a DNS txt record as you suggested. Use the following format but swap ExternalIPRange for xxx.xxx.xxx.xxx/xx style IP range that you will be sending mail from. If you want to add more than one range then add another ip4: entry after the first one.

v=spf1 a mx ptr ip4:ExternalIPRange -all
For example, if mail for your domain could be sent from 209.85.143.99 then put ip4:209.85.143.99/32. If it could come from the range 209.85.143.96 - 209.85.143.103 then put ip4:209.85.143.96/29

Basically this allows mail servers to verify that mail is coming from an expected range of addresses associated with the domain.

Author

Commented:
Thanks for the quick response! Are we talking about the IP adresses assigned to my routers (home and work) by my ISPs (Time Warner and ATT)? I also check my email from Hotmail. When it comes to DNS I am as dumb as a stump...

Mark
The external IP address(es) that mail from your domain will leave from. If the mail server for the domain is at work, then the external IP range your ISP has provided you, as long as the mail routes out from there. The important thing is that it's the external IP.

You need to ask the people hosting the DNS records for your domain to create the TXT record for you, they should know what you mean.

Author

Commented:
It is a godaddy plesk server and I have access to the control panel for the dns so I can add/change records. So, I should use the IP address of the domain that is hosted on the server? I can get that by pinging the domain.
It needs to be the IP or IP range of the sending mail server. If they are hosting the mail server as well GoDaddy may have a KB on it, or you could try raising a support ticket with them.

I'm afraid pinging the domain won't get you the correct IP as you would be getting the DNS A record. Even doing an MX lookup will only get you the inbound mail rather than outbound.

Author

Commented:
Sorry for the delay in getting back. I am still looking into it. Just had some other stuff come up.

Mark
Hey Mark, no worries, we're here to help you mate so whenever you get round to it.

Author

Commented:
Believe it or not, a tech at godaddy actually responded and gave me this string to use for an spf record:

v=spf1 a mx ptr a:s2smtpout.secureserver.net include:secureserver.net ~all

Thanks for your help in pointing me in the right direction.

Mark

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial