rob.macgregor at gmail
Apr 19, 2008, 11:35 AM
Post #2 of 2
Rushdy, you should sign up with the mailing list if you want to
continue this (if you haven't already done so)
> From: "Rushdy El-Ghussein" <rushdy [at] ibtinc>
> > IBT hosts its exchange server but we do not administer our own DNS. Our ISP is Verio and they have an MX record that directs e-mail to our exchange server.
> > To my knowledge, we never set SPF record. Lately we are getting lots of SPAM e-mail that I can trace back or determine where it is coming from. Our spam filter is not catching this. I am thinking to initiate SPF. I am not sure if this will help or hurt.
> > If someone think that it will help, how do I go about this? Do I need to do this on my exchange server or where my MX record is located.
You need to do this on your public DNS servers. The FAQ contains lots
of useful information (I'd particularly direct you to
http://www.openspf.org/FAQ/Common_mistakes, where you'll get a good
summary of what you need to do).
Roughly, the process is:
1) Identify all the servers that *send* mail on behalf of your domain
2) Create an SPF record that lists those servers (ideally use the IP
addresses). At the simplest if your Exachange server is the only
server that sends mail for your domain then the following will work:
v=spf1 mx -all
Though "v=spf1 ip4:184.108.40.206 -all" would be a better record (less
DNS lookups) if mail.ibtinc.com is the only server that sends mail for
3) Create an SPF record for your Exchange server's HELO/EHLO name (see
the FAQ above). If it uses mail.ibtinc.com then you would publish a
TXT record for "mail.ibtinc.com" of "v=spf1 ip4:220.127.116.11 -all"
Don't forget to enable SPF checking on your Exchange server. The SPF
site has a list of software (http://www.openspf.org/Implementations)
and I can see at least 4 for various versions of Exchange.
Please keep list traffic on the list.
Whoever fights monsters should see to it that in the process he
doesn't become a monster. Friedrich Nietzsche
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
RSS Feed: http://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com