Two IP SPF Problem

A

altayevrim

Verified User
Joined
Oct 6, 2019
Messages
16
Hi,

I am new to the DA and I looked but couldn't find a solution. I have an extra ddos protected IP, so including my nameserver all of my domains uses the second, shared IP. But my DA license and main server IP is still using the main IP.

It's all working fine except mails. Mail Tester score is 2.9/10. I am getting SPF

Here the results.

Sender Policy Framework (SPF) is an email validation system designed to prevent email spam by detecting email spoofing, a common vulnerability, by verifying sender IP addresses.

What we retained as your current SPF record is:

v=spf1 a mx ptr ip4:[DDOS.PROTECTED.IP] ~all

It should be changed to:

v=spf1 a mx ptr ip4:[DDOS.PROTECTED.IP] ip4:[MAIN.SERVER.IP] ~all

Need guidance? View guides for each host.

More information about this error:

mydomain.com: Sender is not authorized by default to use '[email protected]' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)

Verification details:

dig +short TXT mydomain.com :

"v=spf1 a mx ptr ip4:[DDOS.PROTECTED.IP] ~all"

dig +short TXT @8.8.8.8 mydomain.com :

"v=spf1 a mx ptr ip4:[DDOS.PROTECTED.IP] ~all"

spfquery --scope mfrom --id [email protected] --ip [MAIN.SERVER.IP] --helo-id hostname.mydomain.com :

softfail
mydomain.com: Sender is not authorized by default to use '[email protected]' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)
mydomain.com: Sender is not authorized by default to use '[email protected]' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)
Received-SPF: softfail (mydomain.com: Sender is not authorized by default to use '[email protected]' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)) receiver=ns303428.ip-94-23-206.eu; identity=mailfrom; envelope-from="[email protected]"; helo=hostname.mydomain.com; client-ip=[MAIN.SERVER.IP]
Click to expand...

SpamAssasion also hates me. I think it is due to main-ddos IP difference.

-1.274 RDNS_NONE Delivered to internal network by a host with no rDNS
This may indicate you do not have a rDNS configured for your hostname or the rDNS does not match your sending IP
-0.896 SPF_HELO_SOFTFAIL SPF: HELO does not match SPF record (softfail)
softfail
-0.972 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
Your SPF is not valid, you should fix it (see below in the server authentication area)
Click to expand...

What should I do? Should I remove/reset my VPS and reinstall DirectAdmin to my DDoS Protected IP? Or is there are any fix?
Thanks..
 
Hello,

See:

- This may indicate you do not have a rDNS configured for your hostname or the rDNS does not match your sending IP. - change rDNS to match your hostname

ip4 should contain IP from which an email is sent, it is not necessary IP of a web-server. In your case it will be a main IP of your server. If you want to hide the main unprotected IP you will need to configure exim to use your protected IP.
 
Thank you very much, I'll do that! You were also very helpful about Server Hardening, I'm glad that I ordered your services.
 
You must log in or register to reply here.
Back
Top