Outgoing mail and SPF/PTR
Greetings,
I've been having a recent issue of MAILSPIKE and blacklisting site listing my domain as unsafe, preventing emails from being received by MAILSPIKE users. Unfortunately, MAILSPIKE is supremely pathetic at providing any information (threat reasoning or contact). Thus, I'm investigating my network to identify what could be going on. I have relaying disabled and have examined my logs exhaustively. I'm looking to implement an SPF record within my DNS, but I suspect limited return on that. However, I've read nothing to suggest that it could hurt. However, I have come across an issue that made me need to whip up this inquiry. Currently, Mailspike is flagging IP address x.x.x.a (my router's WAN IP), while my mail server has x.x.x.b associated with it and the MX record (obviously), which is then NATed to it's private IP. So, upon setting up a SPF, while I could do similar to the following <domain.com TXT "v=spf1 mx -all">, would that even matter in this case, as the flagged IP is x.x.x.a, not x.x.x.b? Also, while troubleshooting, it was also suggested that my PTR is incorrect. However, per http://www.uceprotect.net/en/rblcheck.php, it comes back as correct. Needless to say, Mailspike and Uceprotect are irritating me, but as a responsible net admin, I do want to resolve the matter. Would appreciate any pertinent input. Thanks. Jer
I've been having a recent issue of MAILSPIKE and blacklisting site listing my domain as unsafe, preventing emails from being received by MAILSPIKE users. Unfortunately, MAILSPIKE is supremely pathetic at providing any information (threat reasoning or contact). Thus, I'm investigating my network to identify what could be going on. I have relaying disabled and have examined my logs exhaustively. I'm looking to implement an SPF record within my DNS, but I suspect limited return on that. However, I've read nothing to suggest that it could hurt. However, I have come across an issue that made me need to whip up this inquiry. Currently, Mailspike is flagging IP address x.x.x.a (my router's WAN IP), while my mail server has x.x.x.b associated with it and the MX record (obviously), which is then NATed to it's private IP. So, upon setting up a SPF, while I could do similar to the following <domain.com TXT "v=spf1 mx -all">, would that even matter in this case, as the flagged IP is x.x.x.a, not x.x.x.b? Also, while troubleshooting, it was also suggested that my PTR is incorrect. However, per http://www.uceprotect.net/en/rblcheck.php, it comes back as correct. Needless to say, Mailspike and Uceprotect are irritating me, but as a responsible net admin, I do want to resolve the matter. Would appreciate any pertinent input. Thanks. Jer
ASKER
Papertrip, thanks for the response. Looked at your other ticket, which seems to be the same issue. I'm just wondering if I'm supposed to be doing a different config (such as static 1-to-1) for my outgoing mail. As the IP for WAN port on my central firewall is the route (and address) for all outgoing traffic (SMTP, FTP, HTTP, etc), do I simply create a request (SPF record) for that address x.x.x.a?
Also, when I did discuss creating the record with my ISP who hosts my DNS records, I got a blank stare. They didn't know what I was talking about. Does the SPF record get applied elsewhere?
Thanks,
Jer
Also, when I did discuss creating the record with my ISP who hosts my DNS records, I got a blank stare. They didn't know what I was talking about. Does the SPF record get applied elsewhere?
Thanks,
Jer
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the help. Sorry for the delay in responding. Been hectic here.
Hi
I've done the exact same procedure when changing my ISP, and I'm still in the mailspike blacklist. Since we can't contact them, and since I'm blacklisted each time I change the outgoing IP address, does anyone have an idea how to fix my issue ?
I've done the exact same procedure when changing my ISP, and I'm still in the mailspike blacklist. Since we can't contact them, and since I'm blacklisted each time I change the outgoing IP address, does anyone have an idea how to fix my issue ?
SPF record needs to be your sending server(s) IP(s), and on that note, blacklists only affect the sending IP(s) as well.
I'm currently working on another SPF issue at https://www.experts-exchange.com/questions/27344632/spf-records.html