Solved

Need help with SPF records for my domain

Posted on 2013-11-22
2
3,181 Views
Last Modified: 2013-11-25
We configured SPF records a few weeks ago and I have a feeling they aren't done properly.
Our DNS provider allows us to create both SPF and TXT records. Our emails come from several sources:

Our exchange server
MX Logic (we relay most outbound mail through them)
our CRM system
iContact

a few sites have reported issues with the SPF record. i don't understand the difference between -all, ~all, etc. can anyone help?

the records are, according to http://www.kitterman.com/spf/validate.html (i masked my own domain name):

------------------

SPF record lookup and validation for: mydomain.com

SPF records are primarily published in DNS as TXT records.

The TXT records found for your domain are:
v=spf1 ptr include:mxlogic.net ~all
v=spf1 a:autotask.net -all
v=spf1 a:mydomain.net -all
v=spf1 ip4:72.251.222.50/32 -all
v=spf1 a mx ptr include:icpbounce.com ip4:72.251.222.50/32 -all

SPF records should also be published in DNS as type SPF records.
Type SPF records found for the domain are:
v=spf1 ptr include:mxlogic.net ~all
v=spf1 a:autotask.net -all
v=spf1 a:mydomain.net -all
v=spf1 ip4:72.251.222.50/32 -all
v=spf1 a mx ptr include:icpbounce.com ip4:72.251.222.50/32 -all

Checking to see if there is a valid SPF record.

Results - Permanent Error Two or more type TXT spf records found.
No valid SPF record found of either type TXT or type SPF.
---------------


can anyone point me in the right direction??
0
Comment
Question by:tabush
2 Comments
 
LVL 39

Assisted Solution

by:footech
footech earned 250 total points
ID: 39669362
You should only have a single SPF record which includes all the info.  You can duplicate that record to be a TXT record.
Here's an example of the combined record.
v=spf1 ptr include:mxlogic.net a:autotask.net a:mydomain.net ip4:72.251.222.50/32 a mx include:icpbounce.com -all

Open in new window


There may even be some duplicate info in the above, like "a:mydomain.net" and "a", probalby only one of those is needed.

You may want to look at http://www.openspf.org/SPF_Record_Syntax for syntax.
-all = fail
~all = soft fail
?all = doesn't really say anything
Generally I would recommend to start with ~all.  It depends on the recipient as to what they do with the results from a SPF check.
0
 
LVL 4

Accepted Solution

by:
FutureTechSysDOTcom earned 250 total points
ID: 39669384
Here are some good articles on creating SPF records:

https://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

https://kb.mediatemple.net/questions/658/How+can+I+create+an+SPF+record+for+my+domain%3F#gs

https://support.google.com/a/answer/33786?hl=en

http://www.spfwizard.net/

Many of us have to adjust these things over time.  A combination of proper SPF records, proper MX records, and forward and reverse DNS settings will do wonders for making sure that you don't get flagged as a spammer, and just in general make your email setup much better.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Pointing my domain to a big commerce store using a cname 46 92
DNS on-premise and on-cloud 15 118
PDC - DC Sync error 13 48
server DNS address could not be found 22 124
One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now