| 1 |
The only servers that need inclusion in the SPF declaration are servers |
| 2 |
that will be passing email out of your domain. |
| 3 |
|
| 4 |
Other internal servers don't matter, as they never connect to anyone elses |
| 5 |
email servers. |
| 6 |
|
| 7 |
|
| 8 |
On 25 April 2013 17:30, Vinícius Ferrão <viniciusferrao@×××××××.br> wrote: |
| 9 |
|
| 10 |
> Hello Robert, |
| 11 |
> |
| 12 |
> The internal MTA has an Internet facing address since we have a plenty |
| 13 |
> of them we just use it. |
| 14 |
> |
| 15 |
> Ordinary users connect through this internal MTA to send/receive mail. |
| 16 |
> But everything that goes outside of the domain goes through the Postfix |
| 17 |
> server. So I'm just uncertain about this configuration. Since the message |
| 18 |
> originates in the internal MTA and the its relayed to the Postfix server... |
| 19 |
> |
| 20 |
> So I just need to know if the SPF record should include the internal MTA |
| 21 |
> too, since the postfix server is already in the SPF declaration. |
| 22 |
> |
| 23 |
> Thanks in advance, |
| 24 |
> |
| 25 |
> Sent from my iPhone |
| 26 |
> |
| 27 |
> On 25/04/2013, at 13:03, "Robert Bridge" <robert@××××××××.com> wrote: |
| 28 |
> |
| 29 |
> Just the internet facing one, as I understand it. Nothing else should |
| 30 |
> ever see the internal MTA, and it may not even have a routable IP address! |
| 31 |
> |
| 32 |
> |
| 33 |
> On 25 April 2013 16:57, Vinícius Ferrão <viniciusferrao@×××××××.br> wrote: |
| 34 |
> |
| 35 |
>> Hello Halassy, thanks for your reply. |
| 36 |
>> |
| 37 |
>> I'm aware of the syntax, I just mistyped it. |
| 38 |
>> |
| 39 |
>> The main question still continues, should I put both MTAs or just the |
| 40 |
>> Internet facing one? |
| 41 |
>> |
| 42 |
>> Thanks in advance, |
| 43 |
>> |
| 44 |
>> Sent from my iPhone |
| 45 |
>> |
| 46 |
>> On 25/04/2013, at 05:14, "Halassy Zoltán" <zhalassy@×××××××.hu> wrote: |
| 47 |
>> |
| 48 |
>> > Hello! |
| 49 |
>> > |
| 50 |
>> > Using MX in SPF record is a simple way to describe trivial two-way |
| 51 |
>> setups, that is, MX will also send the mails, not just receive them. If you |
| 52 |
>> have a non-trivial setup, you can use, for example IP addresses, like ip6: |
| 53 |
>> and ip4:. Add every address which from a mail could possibly leave your |
| 54 |
>> organization, and that's it, do not use MX. BTW, the syntax is v=spf1, not |
| 55 |
>> what you wrote. |
| 56 |
>> > |
| 57 |
>> > 2013-04-25 01:32 keltezéssel, Vinícius Ferrão írta: |
| 58 |
>> >> I've a question about the SPF setup in my domain. |
| 59 |
>> >> |
| 60 |
>> >> We have two MTAs: an exchange server that does not use SMTP to relay |
| 61 |
>> messages to the Internet and a Postfix Mail Gateway on the border to send |
| 62 |
>> and receive messages to/from the internet. |
| 63 |
>> >> |
| 64 |
>> >> The clients connect on the Exchange Server to relay messages to the |
| 65 |
>> external world. So an SMTP connection would start in the Exchange, then it |
| 66 |
>> relays to the Postfix server and then to the Internet. On the other hand |
| 67 |
>> when a message come from the Internet it first arrives in the Postfix |
| 68 |
>> server and after the processing it's handled to the Exchange server. |
| 69 |
>> >> |
| 70 |
>> >> The question is: which SPF TXT string I should use? |
| 71 |
>> >> |
| 72 |
>> >> The Postfix server is my only MX. And I don't know if I should include |
| 73 |
>> the Exchange Server name in the SPF rules. |
| 74 |
>> >> |
| 75 |
>> >> I was considering: vspf=1 mx -all |
| 76 |
>> >> |
| 77 |
>> >> But this does not include the Exchange, and I don't know if it's right |
| 78 |
>> or not. |
| 79 |
>> > |
| 80 |
>> > |
| 81 |
>> |
| 82 |
>> |
| 83 |
> |
Archives