Another SPF (Newbie) question

[rrts]

This is my host name details:
host.myhost.com
ns1.myhost.com (ip - 1.2.3.4)
ns2.myhost.com (ip - 11.22.33.44)

THREE of my clients has this SPF record in their site's DNS: (site1.com, site2.com, site3.com. All sites are on their dedicated ips)
v=spf1 a mx ip4:1.2.3.4 ~all

So far it is OK.

My question is:
What is the format of the SPF record for 'myhost.com'? Because it should tell that ONLY these 3 sites are allowed to send email from it. NO OTHER sites. Right?

thanks.

 

[nobaloney]

myhost.com doesn't have an SPF record.

Information about SPF may be found here.

Jeff

 

[rrts]

OK then.

One of the client complaining that he is receiving spam from his own email address. ([email protected])

Receiving mail server checks my client's SPF record and should reject the spam email. right?

thanks Jeff.

 

[tillo]

No, it should not, but it can. Because it's "~all", not "-all".
Usually an email sent from a SoftFail address (~) passes the MTA check but SpamAssassin (if configured to check SPF) pushes up the probablity that it is spam.

If you are perfectly sure that your IP address is the only one that will ever send an Email for that domain modify ~all with -all.
Otherwise, configure your SpamAssassin to use SPF and set the rule to an high value (over the threshold). The mail will pass as spam.

 

[rrts]

If you are perfectly sure that your IP address is the only one that will ever send an Email for that domain modify ~all with -all.

He sends his email from his squirellmail PLus his installed scripts on his site.

How can I make sure the email from his website, using only his website mail server and server ip? Not actually using his ISP ip? I mean in headers of his email I am seeing only his website email 'envelop from' + server main ip.

thanks.

 

[tillo]

Any PHP mailing system uses the local MTA for delivery, as for squirrelmail. You can change ~all with -all without risk.

 

[nobaloney]

Not really.

As you wrote:

any PHP mailing system uses the local MTA for delivery

So, for example, the client's user visits a website. At that website he fills out a form for more information, and of course enters his own email address into the form.

The form uses his email address as the From address (as many do), and the email gets sent using his email address but the mail server of the site he's visiting. And the email may never get delivered, depending on whether or not the recipient's email server is honoring the -all setting.

So, rrts, go ahead ahead and make the change to the client's SPF record if you really don't want him to be able to use sites with forms.

Otherwise, be careful.

There are lots of reasons why SPF is close to useless as a determinator of spam.

Jeff