Solved

SPF - Best Practice

Posted on 2013-05-12
9
467 Views
Last Modified: 2013-05-16
Hi Guys,

We are trying to setup SPF for a number of clients, but we're not 100% sure what we need to configure to only accept the senders email.

I understand that SPF is a service that blocks spam/spoof emails from senders who pretend they are someone else.

What is the best practice or recommended approach in setting up SPF? Is it best to setup to include mx, ptr, ip, a etc? Or is there another way?

We want to setup so it doesnt disrupt or hinder in any way shape or form between companies.

Apologies in advance, my knowledge is quite basic when it comes to SPF.

Thanks!
0
Comment
Question by:goraek
  • 5
  • 4
9 Comments
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 39160287
That isn't SPF at all.  SPF is contained in a TEXT record that says who is allowed to send email in the name of your domain.  Microsoft has a page to generate the text for you:  http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

Definition here: http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx

Note also that SPF is not 'automatic'.  Some email services use it and some don't.  It is just another step that you can take to minimize spam being sent in your name.
0
 
LVL 2

Author Comment

by:goraek
ID: 39163327
We have setup TXT entries, and used the above link to check, but it says theres no SPF record.

Any ideas?

This is our current TXT record

mydomain.com TXT v=spf1 include:externaldomain.com ~all

Is this correct?
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 39163411
0
 
LVL 2

Author Comment

by:goraek
ID: 39164106
How do I authorise multiple mail servers?
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 39165665
Don't know, never tried that.  Here's the 'official' pages: http://www.openspf.org/
0
 
LVL 2

Author Comment

by:goraek
ID: 39173186
Yeah I checked.

When it has "include" what does that mean?

Has anyone had any experience in SPF?
0
 
LVL 82

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 39173257
Many of us here use SPF.  http://www.openspf.org/ and http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx are the authorities on SPF.  'include' and all the other options are explained here: http://www.openspf.org/SPF_Record_Syntax

Click on "Request Attention" if you want some others to look at your question.
0
 
LVL 2

Author Closing Comment

by:goraek
ID: 39173600
Good info
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 39173616
Thanks for the points.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Never store passwords in plain text or just their hash: it seems a no-brainier, but there are still plenty of people doing that. I present the why and how on this subject, offering my own real life solution that you can implement right away, bringin…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now