ncomper
asked on
SPF record creation
Afternoon All,
I have server 2008 managing DNS for over 100 external facing website. I need to ensure that the SPF records are setup correct as i am getting conflicting results from MX Toolbox.
Kitterman is coming back without errors (see attached)
XMToolbox is throwing the attached error
the info from MXToolbox is as follows:
I have used the text file to create the SPF record, whats the difference
im running server 2008 r2 to manage the DNS
Thanks
kitterman.png
SPF-error.png
I have server 2008 managing DNS for over 100 external facing website. I need to ensure that the SPF records are setup correct as i am getting conflicting results from MX Toolbox.
Kitterman is coming back without errors (see attached)
XMToolbox is throwing the attached error
the info from MXToolbox is as follows:
Note: Using TXT records to contain SPF information was designed as a transitional mechanism as some servers and clients did not support the new SPF record type. It is best practice to publish your SPF record via DNS as both a SPF record and and TXT record. When you do this, they MUST match exactly in accordance with RFC 4408 section 3.1.1.
I have used the text file to create the SPF record, whats the difference
im running server 2008 r2 to manage the DNS
Thanks
kitterman.png
SPF-error.png
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Don't bother with spf2 - that's SenderID and nobody is using it any more, not even Microsoft. I can't tell you if your original SPF is any good because that screen shot is largely illegible and truncated.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Squinky, ill review the tool. As you can imagine posting all my External IP addresses in the image would not be the best idea on a public forum. but below is a copy of the record with addresses substituted
v=spf1 ip4:204.XXX.X.XXX/27 ip4:198.XXX.XXX.XXX/27 ip4:38.XX.XX.XX/27 ip4:XXX.XXX.XXX.X/27 ip4:XX.XX.XX.X/24 include:eu._netblocks.mime cast.com include:us._netblocks.mime cast.com include:za._netblocks.mime cast.com ~all
v=spf1 ip4:204.XXX.X.XXX/27 ip4:198.XXX.XXX.XXX/27 ip4:38.XX.XX.XX/27 ip4:XXX.XXX.XXX.X/27 ip4:XX.XX.XX.X/24 include:eu._netblocks.mime
That looks fine.
ASKER
Sorry to keep pushing on this....
On checking with the Dmarcian i receive the following:
DNS-querying mechanisms/modifiers:
"The SPF record authorizes 28 individual netblocks using 3 DNS-querying mechanisms/modifiers. The maximum number of DNS-querying mechanisms/modifiers is 10.
This record utilizes a small number of DNS-querying mechanisms/modifiers. No fixing is required. If this record is meant to be included by other records, consider reducing the number of DNS-querying mechanisms/modifiers (if possible) to keep total resource consumption low."
From the above can i report back that this should work within the boundary's of SPF records without issues?
Thanks,
On checking with the Dmarcian i receive the following:
DNS-querying mechanisms/modifiers:
"The SPF record authorizes 28 individual netblocks using 3 DNS-querying mechanisms/modifiers. The maximum number of DNS-querying mechanisms/modifiers is 10.
This record utilizes a small number of DNS-querying mechanisms/modifiers. No fixing is required. If this record is meant to be included by other records, consider reducing the number of DNS-querying mechanisms/modifiers (if possible) to keep total resource consumption low."
From the above can i report back that this should work within the boundary's of SPF records without issues?
Thanks,
Yes.
ASKER
Managed to resolve
ASKER
Can you please confirm the origional spf in place looks correct for me.
Thanks
spf.png