SPF and reverse DNS for mail

Discussion in 'Installation/Configuration' started by Lobanak, Nov 26, 2005.

  1. Lobanak

    Lobanak New Member

    Hi all,

    I start one thread for 2 problems I have at the moment. But the problems must be looked at together.

    First problem:

    I have set my mail-server to be reachable at mail.mydomain.dom. But when I do a reverse lookup of the IP, I get ns.mydomain.dom. Could be a problem with some mailservers.

    How can I set the reverse-zone of bind, to bring mail.mydomain.dom when I do a reverse lookup? Or better, how do I set it in ISPconfig? The zone-file is generated from ISPconfig, so if I change it by hand, it will be overwritten when I do changes in ISPconfig.

    My reverse-zone-file looks like this:
    $TTL        86400
    @               IN      SOA     ns.mydomain.dom. hostmaster.mydomain.dom. (
                                    2005111601       ; serial, todays date + todays serial #
                                    28800   ; Refresh
                                    7200    ; Retry
                                    604800  ; Expire
                                    86400)  ; Minimum TTL
                            NS      ns.mydomain.dom.
                            NS      ns2.mydomain.dom.
    22       PTR     mydomain.dom.
    22       PTR     [url]www.mydomain.dom[/url].
    22       PTR     secure.mydomain.dom.
    22       PTR     mail.mydomain.dom.
    22       PTR     ns.mydomain.dom.
    22       PTR     ftp.mydomain.dom.
    22       PTR     subdomain.mydomain.dom.
    Second problem:

    How do I use the SPF records in the right way? I have not found a description in the manuals. What to set as hostname (should this be mail?)? And what are all the other things?

    I think for this to work, I need to resolve the first problem.
  2. falko

    falko Super Moderator Howtoforge Staff

    When you do a reverse lookup, only one record will be returned, not all your PTRs. In your case it's ns.mydomain.com. As long as get you get an answer when you do a reverse lookup everything is fine, and you shouldn't have problems with email providers such as Hotmail.:)

    The form for creating SPF records follows the same scheme as the one here:

    Play around with the Openspf wizard, and you'll uderstand what you have to put into the fields.

Share This Page