Right my relay might want it but if so that would be in my internal view. The Exchange and Sendmail servers only allow relay from specific locations and neither is using SPF to authenticate so far as I know.
My question was more related to external view - what do people on the internet expect to see defined as SFP/TXT record to verify it is a valid email? I'm quite certain Sendmail is not sending any water.com email and that Exchange is not sending any waterinvoice.com email based on the Sendmail configuration of atuprd01.water.com - it uses a mailer table to determine which host to relay through specifically based on the domain of the email message "sender". -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Matus UHLAR - fantomas Sent: Wednesday, June 17, 2009 11:10 AM To: [email protected] Subject: Re: SPF/TXT records On 17.06.09 10:46, Jeff Lightner wrote: > When one sets SPF/TXT record is it for the relay server/IP that sent the > email to the internet or the originating one? maybe even both. If the outgoing mail relay checks for SPF, and you don't use SMTP authentication (in which case relays may not check for SPF), you need SPF for originating server to, so the relay doesn't reject the mail imediately. If the relay sends such mail to other servers, its IP should be in SPF too. I have SPF for fantomas.sk: fantomas.sk. 43200 IN SPF "v=spf1 mx -all" it should be checked when someone is trying to send mail with @fantomas.sk as envelope from address. > For example we have a server (atuprd01.water.com) that can not be > reached via the internet. Email originating there is relayed through > our MS-Exchange server (if sent with domain water.com) or a Linux > Sendmail server (if sent with domain waterinvoice.com). All email sent > via exchange goes out an IP separate from incoming mail (MX) IP. All > email sent via Sendmail has a separate IP from incoming mail (MX) IP. > > Should the SPF specify the outbound IP (e.g. 12.44.84.204 for > atlsnml2.waterinvoice.com) for the Sendmail server email or the IP/name > for atuprd01.water.com? water.com should have your ms exchange's IP and waterinvoice.com should have your linux servers' IP. Watch out if there is really no email going from water.com via your linux server and no mail coming from waterinvoice.com via your exchange server... I assume -- Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. 99 percent of lawyers give the rest a bad name. _______________________________________________ bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users Please consider our environment before printing this e-mail or attachments. ---------------------------------- CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. ---------------------------------- _______________________________________________ bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
