help upderstanding TXT records

Hi
we have had a lot of issues with email spoofing on our domain
I have been adviced to add a TXT record to our DNS to try to minimize this

I have entered this string of text:

v=spf1 a:mail.e-advice.dk ip4:87.116.17.68 ptr:mail.e-advice.dk -all

Can i get anyone to talk me through with plain english and break down each statement, what this mean so I can understand if this looks correct for our domain?

The domain i am testing with is e-advice.dk

Thanks
morten444Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
carlmdConnect With a Mentor Commented:
Here is an explanation....

a:mail.e-advice.dk
Using an "a" here indicates you want to use dns to translate the name url to an ip address
you could also use the ip address of your mail sender instead as you did with
ip4:87.116.17.68   You don't need both. You could also have multiple ip4 statements on the line if you have more than one valid mail sender.

ptr:mail.e-advice.dk
This forces a reverse dns lookup, which is not necessarily desirable. This can fail if you dns (and isp) is not set up properly. It also makes it take much longer to verify.

the -all signifies that if there are no matches in the previous statements, then fail the test.

You could simplify you SPF record to just
v=spf1 ip4:87.116.17.68 -all
which simply says that if the mail is not sent from this ip address, then fail it.

You can choose to use the SPF record as you wrote it since it is valid.

You can test your SPF records at....
http://www.kitterman.com/spf/validate.html

Hope that helps.
0
 
carlmdCommented:
You are really adding an SPF record to your dns. Take a look at...

http://www.zytrax.com/books/dns/ch9/spf.html
0
 
morten444Author Commented:
Hi
Thanks for link
yes i have read alot but missing the understanding of this line as i am not techincal myself, i dont quite understand. I need a walk through of the sentence.
I will write what i understand then anyone can correct or rewrite the right understanding


v=spf1 a:mail.e-advice.dk ip4:87.116.17.68 ptr:mail.e-advice.dk -all

v=spf1 = Mandatory as defining version

a:mail.e-advice.dk
Any mail send from domain e-advice.dk kan only be sent from this mail server.
This means the spoofing mails send from other mail server in our name will not reach as long as receivers mailserver check SPF records. Is that right?

ip4:87.116.17.68
The smtp server mail.e-advice.dk kan only operate on IP 87.116.17.68?

ptr:mail.e-advice.dk
Something to do with reverse DNS but what does this statement actually do.
Can anyone explain
e-advice.dk is using SMTP Server mail.e-advice.dk and this has a valid Reverse DNS


-all
Fail. Domain owner deems this a conclusive test.
Not sure i understand. Does it just mean that there are no exeptions.
Any mail from e-advice.dk HAS to YES OR YES use SMTP: mail.e-advice.dk with no exeption for any account?

Please have a look at this and correct where i am wrong.
In this way i can understand what each of the rules means

Thanks a log
0
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

 
morten444Author Commented:
Hi Carlmd
Thanks for the good explenation.
Last question before rewarding

Is the line i have good and should it do some help against email spoofing?
0
 
0xSaPx0Commented:
Not to hijack, but yes, using SPF records will not reduce the amount of spam that is using a spoofed address from your domain. However it does allow recipients to perform an spf lookup on your domain to determine if the sending IP address/hostmail matches the DNS SPF record.

Example:
bob@domain.com - sending server is 1.1.1.1

Recipient does SPF lookup: SPF Records for 2.2.2.2

1.1.1.1 <> 2.2.2.2 and the mail will fail the SPF check and end up quarantined or dropped or whatever action is used by the recipient mail filter.
0
 
carlmdCommented:
Yes, it will help prevent your recipient sites that check SPF records, from receiving spoofed email from your domain.
0
 
morten444Author Commented:
Thanks for a detailed answer
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.