[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 974
  • Last Modified:

SPF record doesnt work

We are getting spams of rejected messages from other domain that people are trying to send emails as our domain.

I created a SPFrecord for rubner.co.il but it seem not work, and its even getting worse, i cant understand the behave.

1) still getting spam that people are trying to send email from our domain
2) Some email that is being sent from some email account is being blocked by the SPF, the weird thing it only blocks some destinations, not all of them!

i really need help in setting that SPF record.

the domain is rubner.co.il
and the only pop server is: pop.asia.secureserver.net
and the only smtp server is smtpout.secureserver.net



2) errors

-----Original Message-----
From: MAILER-DAEMON@sg2plout10-01.prod.sin2.secureserver.net
[mailto:MAILER-DAEMON@sg2plout10-01.prod.sin2.secureserver.net]
Sent: Wednesday, September 12, 2012 1:10 PM
To: removed@rubner.co.il
Subject: failure notice

Hi. This is the qmail-send program at
sg2plout10-01.prod.sin2.secureserver.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<removed@yedid.net>:
207.5.72.180 does not like recipient.
Remote host said: 550 5.1.1 <removed@yedid.net>: Recipient address
rejected: User unknown in relay recipient table
Giving up on 207.5.72.180.

<removed@012.net.il>:
Connected to 80.179.55.150 but sender was rejected.
Remote host said: 550 5.7.1 SPF verification failed

<removed@zahav.net.il>:
Connected to 80.179.55.150 but sender was rejected.
Remote host said: 550 5.7.1 SPF verification failed

<removed@zahav.net.il>:
Connected to 80.179.55.150 but sender was rejected.



1) error
0
yairge
Asked:
yairge
  • 3
  • 2
1 Solution
 
JAN PAKULAICT Infranstructure ManagerCommented:
i have check dns records for you smtp server domain

secureserver.net

http://www.intodns.com/secureserver.net

start of authority expired.

SOA EXPIRE      Your SOA EXPIRE number is: 2592000. That is NOT OK

and mx record for this domain is

smtp.secureserver.net

nslookup shows that smtpout.secureserver.net is an alias of smtpout.where.secureserver.net

Name:    smtpout.where.secureserver.net
Address:  173.201.193.229
Aliases:  smtpout.secureserver.net


also you have different mx for this domain (different from what you are using)
this is secureserver,net MX record (different Ips)
Non-authoritative answer:
Name:    smtp.secureserver.net
Address:  216.69.186.201


For SPF to work properly you will need to include all smtp server you are using.

JAN MA CCNA
0
 
Dave BaldwinFixer of ProblemsCommented:
I can't find an IP for "rubner.co.il".  It doesn't show up anywhere.
0
 
JAN PAKULAICT Infranstructure ManagerCommented:
same here:)
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

 
yairgeAuthor Commented:
here:

http://www.whois.co.il/index.php?domain=rubner.co.il

there is no A record for www.rubner.co.il or rubner.co.il
there are for pop.rubner.co.il

janpakula, could you supply the syntax for the SPF record please?
0
 
Dave BaldwinFixer of ProblemsCommented:
That link lists the registration record but there is still no DNS, no IP address.
0
 
JAN PAKULAICT Infranstructure ManagerCommented:
in your dns
Create a TXT record containing this text:

"v=spf1 mx -all"

Allow domain's MXes to send mail for the domain, prohibit all others. - probably best option.

or

"v=spf1 mx ~all"

SoftFail      The SPF record has designated the host as NOT being allowed to send but is in transition      accept but mark

or if you sure about your mx records

"v=spf1 include:pop.asia.secureserver.net -all"

it will pass check only from this server all others will fail and wont be able to send messages-


also check that for reference

http://www.openspf.org/SPF_Record_Syntax

JAN MA CCNA
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now