SPF Record right?

Discussion in 'Server Operation' started by sjau, Oct 10, 2007.

  1. sjau

    sjau Local Meanie Moderator

    Ok, I have been using a catch-all email address for a very long time... so whenever I needed to sign-up at some place (e.g. http://www.somedomain.com) I entered as email address: www.somedomain.com [at] roleplayer [dot] org.

    That way I could easily track where my email address was leaking.

    From time to time some people forged a roleplayer dot org email address and it was then bounced back... that wasn't that bad. However yesterday, within two hours I got over 160 such bounce backs ( http [column slash slash] t390[dot] greatnet [dot] de [slash] cgi-bin [slash] mailgraph [dot] cgi ).

    For the moment I did now deactivate that catch-all email but as you can see, there are still a lot of rejected emails (although it's turning towards normal again).

    I use the postfix integrated UCE mechanisms, greylisting and rbls but that didn't help much as you can see.

    So I started setting up SPF (according to the howto) and I wonder now if my SPF entry is correct.

    The SPF entry should do the following:
    - bind roleplayer [dot] org to the IP
    - say ok to any subdomain sending mail through
    - also say ok to the hostname given by my ISP t390 [dot] greatnet [dot] de
    - return false from any "roleplayer [dot] org" email that is not being sent through the ip address

    Here's the SPF entry I added to the bind zone file:
    roleplayer [dot] org. IN TXT "v=spf1 a mx ptr a:t390 [dot] greatnet [dot] de ~all"
    of course [x] has to be replaced by the according character.
  2. ebal

    ebal New Member

  3. falko

    falko Super Moderator ISPConfig Developer

  4. sjau

    sjau Local Meanie Moderator

    thx :)

    used the wizard to create it but wasn't sure if everything was right.

Share This Page