Solved

Adding Mail server to SPF record

Posted on 2016-09-19
5
96 Views
Last Modified: 2016-09-19
Hi, we have a secure web portal that sends us an email when someone logs in and makes some changes to their account. It is handled and hosted by the developer. It worked fine for a long time but recently we have been receiving bounce backs because the developers server is not authorized to send email on behalf of our Domain.

I have added  their servers IP4 address after the IP address of our mail server, in the SPF record. Does the syntax look correct.

v=spf1 mx ptr mx:mail.ourdomain.com ip4:222.222.222.222 ip4:33.333.33.33 -all
0
Comment
Question by:Stev0W
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 16

Expert Comment

by:max_the_king
ID: 41804736
hi,
try and change syntax from
-all
to
~all

hope this helps
max
0
 
LVL 25

Accepted Solution

by:
Marcus Bointon earned 500 total points
ID: 41804738
That looks workable, but I recommend you put the IP addresses first as it makes it faster for receivers to check it, like this:

v=spf1 ip4:222.222.222.222 ip4:33.333.33.33 mx ptr mx:mail.ourdomain.com -all

Open in new window

There's not usually much to be gained by ptr entries in SPF records.

To be certain, check the exact settings that the bounce is coming from manually and make sure its covered by your SPF.
0
 
LVL 25

Expert Comment

by:Marcus Bointon
ID: 41804741
Don't change -all to ~all unless you're also using DMARC; it will weaken your SPF settings unnecessarily. Solve the exact problem, don't just give up!
0
 
LVL 16

Expert Comment

by:max_the_king
ID: 41804743
you may want to read this:

http://www.openspf.org/SPF_Record_Syntax

max
0
 

Author Closing Comment

by:Stev0W
ID: 41804879
Thanks. Moved the record around as suggested and drooped the ptr entry. Seems to be working fine.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question