cancel
Showing results for 
Search instead for 
Did you mean: 

Should I add an SPF record to my domain

techguy
Grafter
Posts: 2,540
Registered: 12-09-2008

Should I add an SPF record to my domain

Hi
Looks like the .com domain I use for mail has been picked up by the spammers and am worried about it becoming blacklisted.
Should I add an SPF TXT record to the DNS records?
I found an SPF wirxard on MS' website, is that likely put in all the data required?
I have to say I don't know a great deal about the Sender Policy Framework.
13 REPLIES
itsme
Grafter
Posts: 5,924
Thanks: 1
Registered: 07-04-2007

Re: Should I add an SPF record to my domain

Believe that SPF is to stop backscatter. Blacklisting is normally done by IP address and not domain. Where is your DN records, if it's PN I don't believe you can add SPF records.
techguy
Grafter
Posts: 2,540
Registered: 12-09-2008

Re: Should I add an SPF record to my domain

mail and domain is with 1 and 1.
Am transferring domain to joker.com so can add a record as it probably worth doing anyway, intending to point the domain back at 1 and 1's nameservers
After posting t his found this on Good ol' Wikipedia http://en.wikipedia.org/wiki/Sender_Policy_Framework
itsme
Grafter
Posts: 5,924
Thanks: 1
Registered: 07-04-2007

Re: Should I add an SPF record to my domain

If you point your domain back to 1 and 1 nameservers they will be hosting your DN records not joker.com. I use www.dnsmadeeasy.com for both DNS and secondary MX service. I also added SPF to me records.
techguy
Grafter
Posts: 2,540
Registered: 12-09-2008

Re: Should I add an SPF record to my domain

Cheers I'll take a look
I keep my mail separate from my ISP (and this is not a reflection on PN) so that I can switch ISPs easilyas I got fed up of chaning my mail address and a domain looks more professional on CVs.
itsme
Grafter
Posts: 5,924
Thanks: 1
Registered: 07-04-2007

Re: Should I add an SPF record to my domain

Ditto, that's the reason that I have a domain for myself and a different ones for family members, I also gone a step further as I run my own email server hence the reason that I need a secondary MX service for when I lose my broadband connection or my server goes down.
techguy
Grafter
Posts: 2,540
Registered: 12-09-2008

Re: Should I add an SPF record to my domain

Am I right in thinking that I have to include the domain of the company that runs the SMTP relay server I use as legitimately sending mail on behalf of my domain name as I don't run a mail server?
itsme
Grafter
Posts: 5,924
Thanks: 1
Registered: 07-04-2007

Re: Should I add an SPF record to my domain

Correct but I've entered them as IP addresses, which I believe is the normal way.
=spf1 mx ip4:xxx.xxx.xxx.xxx ip4:212.159.14.0/24 -all
Above is my entry. The xxx is my email server and the 212.159.14.0/24 is PN SMTP which I have to use to send emails to certain domains. Originally I specified PN's SMTP servers individually but they changed them so now i do the whole block. Now off to see if they have changed.
techguy
Grafter
Posts: 2,540
Registered: 12-09-2008

Re: Should I add an SPF record to my domain

Will have to wait a couple of days for registrar to change so can add TXT field as 1 and 1 don't allow this.
Am starting to get backscatter so that is why I'm taking action as don't want my domain to fall into disrepute with the Internet community.
Particularly as I hope to be apply for jobs with well known Internet firms.
May I ask why you have to use PN for certain domains?
Many thanks for all your advice on this by the way, its very much appreciated.
itsme
Grafter
Posts: 5,924
Thanks: 1
Registered: 07-04-2007

Re: Should I add an SPF record to my domain

Because some ISP will only accept emails from other ISP's servers and not private SMTP servers. Namely AOL, Hotmail and maybe MSN. The problem is that they just drop the emails without any return failure message which is IMO very bad. I believe it because the static IP addresses issued by PN are classed as dynamic and therefore are rejected.
itsme
Grafter
Posts: 5,924
Thanks: 1
Registered: 07-04-2007

Re: Should I add an SPF record to my domain

AOL conditions for accepting mail.
Quote
AOL's mail servers will not accept connections from systems that use dynamically assigned or residential IP addresses.
techguy
Grafter
Posts: 2,540
Registered: 12-09-2008

Re: Should I add an SPF record to my domain

Ah right.
Looking at the headers it looks as though the mail relays are in a cluster so not really going to be able to set an IP restriction.
Community Gaffer
Community Gaffer
Posts: 12,959
Thanks: 749
Fixes: 69
Registered: 04-04-2007

Re: Should I add an SPF record to my domain

IMO SPF is a bit of a waste of time and is a little flawed in its implementation. For an insight into what I mean take a look here.
Having said that, I have an SPF record set up on my domains. It reads as follows:
v=spf1 mx include:madasafish.com include:customer-spf.mxes.net ~all

That basically means that it's ok to send email via my email hosting provider or our relay servers.
Two things to note here.
Firstly I'm using ~all instead of -all - This means that only a 'soft fail' will be given if email is sent from my domain using a server that I haven't specified in the SPF syntax. This prevents problems with mail forwarding where legitimate email could get rejected. Having said that it renders the whole point of SPF a little pointless.
Secondly, note the include:madasafish.com - If you use our relay servers/Webmail etc. to send your email then adding this entry will effectively mirror the SPF record for the madasafish.com domain. This includes the following servers, saves you having to enter the IP addresses of our servers manually, and also protects you in the event that we change the IP addresses of our mail servers at some point in the future (which has happened on numerous occasions overt the last year).
v=spf1 ip4:212.159.7.99 ip4:212.159.7.100 ip4:212.159.7.35 ip4:212.159.7.36 ip4:80.189.90.0/26 ip4:80.189.91.0/25 ip4:80.189.92.0/24 ip4:80.189.94.0/24 ip4:212.159.0.10 ip4:212.159.14.0/24 -all

If you want to check that your SPF is working then send an email to a Gmail address and check the headers at the other end.

Bob Pullen
Plusnet Products Team
If I've been helpful then please give thanks ⤵

techguy
Grafter
Posts: 2,540
Registered: 12-09-2008

Re: Should I add an SPF record to my domain

Thanks for that also Bob
As I say, I just want to guard against, as much as possible the possiblity of my domain being blacklisted as I do use it for important mail because it looks better than a yahoo or hotmail or dare I say it, ISP address.  Smiley
I suppose someone somehwere is working on a better way to secure domains and cut down on spam but until then I suppose you can only do what you can do with the tools available.
I've just got to wait for those slow cogs at Versign to go round to effect the transfer than I can add and tweak the TXT field.