Solved

Need help with SPF records for my domain

Posted on 2013-11-22
2
3,088 Views
Last Modified: 2013-11-25
We configured SPF records a few weeks ago and I have a feeling they aren't done properly.
Our DNS provider allows us to create both SPF and TXT records. Our emails come from several sources:

Our exchange server
MX Logic (we relay most outbound mail through them)
our CRM system
iContact

a few sites have reported issues with the SPF record. i don't understand the difference between -all, ~all, etc. can anyone help?

the records are, according to http://www.kitterman.com/spf/validate.html (i masked my own domain name):

------------------

SPF record lookup and validation for: mydomain.com

SPF records are primarily published in DNS as TXT records.

The TXT records found for your domain are:
v=spf1 ptr include:mxlogic.net ~all
v=spf1 a:autotask.net -all
v=spf1 a:mydomain.net -all
v=spf1 ip4:72.251.222.50/32 -all
v=spf1 a mx ptr include:icpbounce.com ip4:72.251.222.50/32 -all

SPF records should also be published in DNS as type SPF records.
Type SPF records found for the domain are:
v=spf1 ptr include:mxlogic.net ~all
v=spf1 a:autotask.net -all
v=spf1 a:mydomain.net -all
v=spf1 ip4:72.251.222.50/32 -all
v=spf1 a mx ptr include:icpbounce.com ip4:72.251.222.50/32 -all

Checking to see if there is a valid SPF record.

Results - Permanent Error Two or more type TXT spf records found.
No valid SPF record found of either type TXT or type SPF.
---------------


can anyone point me in the right direction??
0
Comment
Question by:tabush
2 Comments
 
LVL 39

Assisted Solution

by:footech
footech earned 250 total points
Comment Utility
You should only have a single SPF record which includes all the info.  You can duplicate that record to be a TXT record.
Here's an example of the combined record.
v=spf1 ptr include:mxlogic.net a:autotask.net a:mydomain.net ip4:72.251.222.50/32 a mx include:icpbounce.com -all

Open in new window


There may even be some duplicate info in the above, like "a:mydomain.net" and "a", probalby only one of those is needed.

You may want to look at http://www.openspf.org/SPF_Record_Syntax for syntax.
-all = fail
~all = soft fail
?all = doesn't really say anything
Generally I would recommend to start with ~all.  It depends on the recipient as to what they do with the results from a SPF check.
0
 
LVL 4

Accepted Solution

by:
FutureTechSysDOTcom earned 250 total points
Comment Utility
Here are some good articles on creating SPF records:

https://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

https://kb.mediatemple.net/questions/658/How+can+I+create+an+SPF+record+for+my+domain%3F#gs

https://support.google.com/a/answer/33786?hl=en

http://www.spfwizard.net/

Many of us have to adjust these things over time.  A combination of proper SPF records, proper MX records, and forward and reverse DNS settings will do wonders for making sure that you don't get flagged as a spammer, and just in general make your email setup much better.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

This article is intended as an extension of a blog on Aging and Scavenging by the MS Enterprise Networking Team. In brief, Scavenging is used as follows: Each record in a zone which has been dynamically registered with an MS DNS Server will have…
Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now