Help : DNS TXT Update (MSN Block)

M

Mark_S

Verified User
Joined
Sep 14, 2006
Messages
67
Help : DNS TXT Update (MSN Block)

Background :
Msn have decided that my server is responsible for spam, because
some lazy msn users decided its easier to "Not Safe" me than un-subscribe.

So following there advice i updated the DNS TXT as Follows

TXT "v=spf1 a mx ip4:xx.xx.xx.xx ?all" Original
TXT "v=spf1 a mx ip4:xx.xx.xx.xx -all" amended

2 Questions.

1. Is there an easy way to update all my domains (70) or is it a manual job?
2. If i update the Admin Accounts DNS as above does this mean that any
new domains created will keep the new style TXT ?

Thanks for any help, as Microsoft has pretty much stuffed my week :(
Its not resolved but doing what i can to get things working.
 
The easiest way to make the changes is to do a single line edit (there are many published all over the 'net; google is your friend) on the current zone files, then move the correct template to the custom template directory so new domains will get written that way.

Note however that this change means that neither MSN nor any other domain using SPF when receiving email will be able to receive any email from any domain hosted on your server unless they use your mailserver.

Let me make this a bit more clear: Do you use your ISPs mail server to send mail from domains hosted on your server? Do your clients? You'll find that many do. What about from your laptop when you travel?

This is a very restrictive setting and will probably mean many if not most of your clients will have problems sending mail.

Sure, try it ... but be prepared to want to switch back.

Jeff
 
Hi jlasman,
I'm not sure if all of that has helped me, or i havent given you enough to go on.

My thinking was that if i can find away to change the way Direct Admin
creates a new domain, and the DNS settings could be modified so that
when a new domain is registered the new "-all" is used and not the "-?all"

Modify a template file or somthing.
You see i only have "Microsofts word" that this is a good thing.

I run a forum on my server and i suspect its that domain that has caused
this blocking by microsoft. But until i get into there JMRP i dont know for sure.

So i just for now want to make sure i'm doing the right thing.
And is there a way to modifiy a Direct admin DNS Template so new
domains / accounts created adopt the new settings.

What can i do?
 
I've explained how to make the change to all current domains.

I've explained how to make the change automatic for all domains added to the server.

And I've explained why I don't think you should do it.

What else should I explain?

Or do you want me to do the research as to which template to change?

You can figure that out by grepping the current templates for the old code.

Jeff
 
Thanks for your reply Jlaman.
What i didnt mention is that this area of DNS and Templates is completely new to me, so the explainations you gave have gone over my head, as i dont even know what to search for?

I'm assuming that i search for "zone files"
Then if i find them what to do with it or do i have the correct one?

jlasiman said:
Let me make this a bit more clear: Do you use your ISPs mail server to send mail from domains hosted on your server? Do your clients? You'll find that many do. What about from your laptop when you travel?
Click to expand...

That threw me?
I dont use my ISP's mail server.
I do use outlook or Uebimiau for sending e-mails.

This msn blocking has been a nightmare, and i'm just confused at the moment.

Or do you want me to do the research as to which template to change?
Click to expand...
Nope, but DA do ask to search the forums
for help first and i hoped someone could help.

You can figure that out by grepping the current templates for the old code.
Click to expand...
If i only knew where to look :confused:

Like i say this area of DNS and what and where is all new,
so any replies are gratefully excepted, but i'm new to this area.
I'm obviously worried if i am doing the right / wrong thing.
And if the advice by Microsoft is the correct advice.

Mark
 
Ok.. here's the nitty-gritty for changing ? to - for all existing domains, and all new domains.

1) First change it for domains that don't yet exist:
Code: 
cd /usr/local/directadmin/data/templates/custom
cp ../dns_txt.conf .
#edit the dns_txt.conf that is in the custom directory to show - instead of ?
That takes care of domains that have yet to be created.

2) Now for the mass swapping bit. In this case, we'll use perl since it's only a 1 character swap. If you'r using linux (rehdat/centos/enterprise), the db files are in /var/named... freebsd in /etc/namedb and for debian it's in /etc/bind. We'll assume linux for this example.
Code: 
cd /var/named
perl -pi -e 's/\?all/\-all/' *.db
And that's is. Restart named to use the new values.

John
 
Thank you for your reply and e-mail.

I will give this a shot over the Easter Period.

Thanks again.
 
Let us know how this works for you. We tried it when we first added spf records to DA years ago, and it caused a lot of problems for all the reasons I gave.

So I neither recommend it nor will use it.

I want all my emails and my clients' emails to be delivered.

-all means that email from the domain in question will ONLY be delivered if it comes from your server, if the recipient server uses SPF to limit receiving emails.

I've already mentioned lots of reasons why email may not originate from the server in your SPF record.

Jeff

Jeff
 
Where i'm at at the moment is this.

I changed the domain i suspected the one with the forums.
I change this manually in the DNS Managment. to -all

jlasiman
Let me make this a bit more clear: Do you use your ISPs mail server to send mail from domains hosted on your server? Do your clients? You'll find that many do. What about from your laptop when you travel?
Click to expand...

Now it may just be me but i cant picture this.
I know your right but i cant picture the set up?

I'm in the UK so an ISP is the likes of BT Broadband (Connection to your door).
My Hosting server is My server.

So am i right in saying that if i was as you say using my /webmail (Uebimiau).
from my server the changes could cause problems?

I'm just not picturing the set up to understand the warnings :(

Up to now, the domain with the changes, has'nt caused any problems
but then again ive not had any complaints from msn either.

Sorry for sounding Dum on a easy question :(
 
The way I understand it if you use -all then you have to use your mail server to send mail with your domain in the from address. If you use your isp's mail server to send mail then any mail server using spf will reject your mail. This is true for all of the domains hosted on your server if you change all of them.

Many times there are situations where you are not using the mail server where your domains are hosted to send mail with your domain in the from address. Any mail server using spf will reject your mail in these cases.
 
floyd said:
Many times there are situations where you are not using the mail server where your domains are hosted to send mail with your domain in the from address. Any mail server using spf will reject your mail in these cases.
__________________
But that's just my opinion, I could be wrong.
Click to expand...
In fact you're absolutely right.

Jeff
 
You must log in or register to reply here.
Back
Top