You're right.. it seems to be for domain names and I got error messages telling me that it's trying to look up the A and MX records off the IP.. so I'm in the process of changing it.

It really does take a while huh.. waiting for the changes to propagate.

Another question.. is this enough or should I get DKIM and sender ID working as well?

You're right.. it seems to be for domain names and I got error messages telling me that it's trying to look up the A and MX records off the IP.. so I'm in the process of changing it.

It really does take a while huh.. waiting for the changes to propagate.

Another question.. is this enough or should I get DKIM and sender ID working as well?

I'd probably just stick with the SPF. It ought to address the primary issue you were running into.

-- David

SPF is harmful; it shouldn't be used.

Well, I don't know. I'm sure I got the SPF records right, but any new mail account always gets into gmail's spambox. At least it even gets there now.. it didn't even make it to the spambox last time.

Does the GMail Received-SPF header on the messages show that it passed?

If so, then I'm not sure, unless the format of the messages is very spam-like (mostly images, MIME with only an HTML variant, etc...), in which case maybe it's just going to take some training or whitelisting.

-- David

Hmm, I see.. I just checked and gmail seems to be OK with the SPF
(Received-SPF: pass ) after checking the original message.

Could it be because citadel mails using html? I mean, even with empty messages, it still appends a <body> etc on the message..

wait.. what?

Ignore him, he feels the need to make that unsupported statement in every thread than mentions SPF. Like it or not, SPF is being used by some receivers.

If you don't like it, then publish something like this (from here):

"v=spf1 +all"
The domain owner thinks that SPF is useless and/or doesn't care.

That record basically tells the receiver not to check SPF, but it gets you through the hoop that you have an SPF record.

Well, it can't be solely because of that, since clearly a whole lot of email nowadays contains an HTML section, but yeah, the only thing I can think of is that something about the formatting/contents of your test messages are causing them to be considered highly likely to be spam.

I'm assuming that the core formatting of the messages is correct, and that, for example the MIME headers properly identify your HTML section as being HTML.

For test purposes, generating a plain text email (even if you do it manually) would be a useful test. You may also find that your test messages are so short that the ratio of contents to the HTML overhead is affecting the spam classification.

If you're testing with empty messages, that in and of itself might be a flag to GMail (e.g., no contents), so I'd try testing with a more realistic message.

Beyond that though, not sure what to say.

-- David

Here is an (admittedly somewhat outdated) essay on the badness of SPF. These are the highlights:

* SPF breaks pre-delivery forwarding.
* SPF hijacks existing DNS mechanisms.
* SPF gives ISPs a "lock-in" weapon against their customers.
* SPF is useless for several entire classes of people.
* SPF relies upon DNS for security, but DNS isn't a security service.
* SPF is vulnerable to race conditions during database changes.
* SPF creates new categories of third class citizenship.
* SPF doesn't actually address unsolicited bulk mail at all.
* SPF hands Verisign its next unwelcome "innovation" on a platter.