Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: SPF: Help

help setting up 2 IPs with SPF

  

 
SPF help RSS feed   Index | Next | Previous | View Threaded


gtedwards at conpoint

Oct 5, 2007, 3:03 PM

Post #1 of 2 (612 views)
Permalink
help setting up 2 IPs with SPF
I have 2 IP addresses that I need to send mail from using the same domain.
No other IP's in the subnet should be sending mail with this domain name.
One is for our primary mailserver the other is the IP of our billing server
that which directly emails bills to customers. I have had the primary
mailserver SPF record setup for awhile with no problems. I discovered a few
customers did not get their emailed bills because of spf failures. So I
tried to add the second IP, but I can not get it to work. I am sure it is
something obvious--probably something that has been answered many times but
I can not find the answer. I hope someone here can help.

The SPF line in DNS has been setup as follows for sometime without error
DOMAIN.com. IN TXT "v=spf1 ip4:xxx.xxx.xxx.5/32 a mx a:DOMAIN.com ~all"

I duplicated this line and changed the IP address to the additional IP.
Adding the following line
DOMAIN.com. IN TXT "v=spf1 ip4:xxx.xxx.xxx.7/32 a mx a:DOMAIN.com ~all"

The SPF section looks like this.
DOMAIN.com. IN TXT "v=spf1 ip4:xxx.xxx.xxx.5/32 a mx a:DOMAIN.com ~all"
DOMAIN.com. IN TXT "v=spf1 ip4:xxx.xxx.xxx.7/32 a mx a:DOMAIN.com ~all"

This fails until I remove the second line though.

Of course DOMAIN is actually the domain name, and the xxx's are the IP
addresses for each server. They are both in the same class C.

Sorry for the stupid question and thanks for any help.

George

-------------------------------------------
-----------------------------------------------------------------------
Archives at http://archives.listbox.com/spf-help/current/ or
http://www.gossamer-threads.com/lists/spf/help/ (easier to search)
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?member_id=1311530&id_secret=50651979-4c2dba
Powered by Listbox: http://www.listbox.com


michael at breton

Oct 5, 2007, 7:34 PM

Post #2 of 2 (586 views)
Permalink
Re: help setting up 2 IPs with SPF [In reply to]
----- Original Message -----
>From: "George Edwards" <gtedwards [at] conpoint>
>To: <spf-help [at] v2>
>Sent: Friday, October 05, 2007 6:03 PM
>Subject: [spf-help] help setting up 2 IPs with SPF


>I have 2 IP addresses that I need to send mail from using the same domain.
> No other IP's in the subnet should be sending mail with this domain name.
> One is for our primary mailserver the other is the IP of our billing
> server
> that which directly emails bills to customers. I have had the primary
> mailserver SPF record setup for awhile with no problems. I discovered a
> few
> customers did not get their emailed bills because of spf failures. So I
> tried to add the second IP, but I can not get it to work. I am sure it is
> something obvious--probably something that has been answered many times
> but
> I can not find the answer. I hope someone here can help.
>
> The SPF line in DNS has been setup as follows for sometime without error
> DOMAIN.com. IN TXT "v=spf1 ip4:xxx.xxx.xxx.5/32 a mx a:DOMAIN.com ~all"
>
> I duplicated this line and changed the IP address to the additional IP.
> Adding the following line
> DOMAIN.com. IN TXT "v=spf1 ip4:xxx.xxx.xxx.7/32 a mx a:DOMAIN.com ~all"
>
> The SPF section looks like this.
> DOMAIN.com. IN TXT "v=spf1 ip4:xxx.xxx.xxx.5/32 a mx a:DOMAIN.com ~all"
> DOMAIN.com. IN TXT "v=spf1 ip4:xxx.xxx.xxx.7/32 a mx a:DOMAIN.com ~all"

The right way to do this is like this:

DOMAIN.com. IN TXT "v=spf1 ip4:xxx.xxx.xxx.5 ip4:xxx.xxx.xxx.7 ~all"

Then after you are confident that it is working correctly, change that
"~all" to "-all".

If, as you said, only those (2) IP addresses send email for your domain,
then it doesn't make sense to add the "a" or "mx" or "a:DOMAIN.com" to the
record.

There should only be a single SPF record for each domain name. Having (2)
of them is bound to confuse the issue. Think of it this way.. A server
that is receiving email from one of your servers has to query for all TXT
records for your domain. It would receive all TXT records, and at least
these (2) records both look like valid SPF records, and it doesn't know
which one to use.

Hope this helps,

Michael Breton


-------------------------------------------
-----------------------------------------------------------------------
Archives at http://archives.listbox.com/spf-help/current/ or
http://www.gossamer-threads.com/lists/spf/help/ (easier to search)
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?member_id=1311530&id_secret=50715939-1022f1
Powered by Listbox: http://www.listbox.com

SPF help RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.