| Linode Forum https://forum.linode.com/ |
|
| Linode DNS manager, spf and google apps https://forum.linode.com/viewtopic.php?f=11&t=5820 |
Page 2 of 2 |
| Author: | Stever [ Mon Jul 26, 2010 3:41 pm ] |
| Post subject: | |
adrian18w wrote: Ok, that didn't seem to work. Spf record not found "Received-SPF: neutral (google.com: 74.207.235.111 is neither permitted nor denied by best guess record for domain of www-data@mail.adrianm.com) client-ip=74.207.235.111;"
You are sending mail from www-data@mail.adrianm.com, so you need an SPF record for mail.adrianm.com. The SPF record for adrianm.com does not apply to subdomains. Or you could change your config to make the mail from your server come from www-data@adrianm.com. |
|
| Author: | adrian18w [ Tue Jul 27, 2010 5:15 am ] |
| Post subject: | |
Stever wrote: adrian18w wrote: Ok, that didn't seem to work. Spf record not found "Received-SPF: neutral (google.com: 74.207.235.111 is neither permitted nor denied by best guess record for domain of www-data@mail.adrianm.com) client-ip=74.207.235.111;" You are sending mail from www-data@mail.adrianm.com, so you need an SPF record for mail.adrianm.com. The SPF record for adrianm.com does not apply to subdomains. Or you could change your config to make the mail from your server come from www-data@adrianm.com. So how can I create a spf for a subdomain in the Linode DNS manager? |
|
| Author: | BrianJM [ Tue Jul 27, 2010 9:53 am ] |
| Post subject: | |
adrian18w wrote: So how can I create a spf for a subdomain in the Linode DNS manager?
Take a look at this post: http://linode.com/forums/viewtopic.php?p=26166&sid=179baaa0559fa31b0e217592cbfdf35d#26166 |
|
| Author: | Stever [ Tue Jul 27, 2010 10:35 am ] |
| Post subject: | |
adrian18w wrote: So how can I create a spf for a subdomain in the Linode DNS manager? Add a new txt record, and set the "name" field in the linode DNS manager to the subdomain. Quote: - adrianm.com
name: mail value: v=spf1 a -all It is also good practice to set an SPF record for any hosts that do not send mail. So my normal SPF setup for a domain where I send and receive all mail for the domain on the same host will look something like so: Code: Name Value The first line means any mail from @example.com must originate from the server(s) that receive mail for @example.com. The second line means mail from @mail.example.com must originate from the host mail.example.com, and it also means that any host that uses a HELO greeting of mail.example.com must match the IP for mail.example.com. The last line says all mail claiming to be from @www.example.com should be discarded. Any host that has an A record but doesn't send mail can be given one of these lines. |
|
| Author: | adrian18w [ Tue Jul 27, 2010 10:46 am ] |
| Post subject: | |
Stever wrote: adrian18w wrote: So how can I create a spf for a subdomain in the Linode DNS manager? Add a new txt record, and set the "name" field in the linode DNS manager to the subdomain. Quote: - adrianm.com name: mail value: v=spf1 a -all Doesn't work. "The following errors were generated: # Record conflict - CNAMES must be unique" Thanks 
|
|
| Author: | Stever [ Tue Jul 27, 2010 11:10 am ] |
| Post subject: | |
adrian18w wrote: # Record conflict - CNAMES must be unique" http://www.openspf.org/DNS#Resource-Record Quote: CNAME
roughly saying: "this is not an official name. Look there instead." If a domain has a CNAME RR, there cannot be another kind of RR (there's one exception, which will not be discussed here). For e-mail, and thus for SPF, you will need to look at the official domain name. Example: "alias.example.org. CNAME canonicalname.example.org." means you need to define an SPF policy for canonicalname.example.org and not for alias.example.org. I would probably suggest that you change the CNAME you have in place for mail to an A record. |
|
| Author: | adrian18w [ Tue Jul 27, 2010 11:34 am ] |
| Post subject: | |
Stever wrote: adrian18w wrote: # Record conflict - CNAMES must be unique" http://www.openspf.org/DNS#Resource-Record Quote: CNAME roughly saying: "this is not an official name. Look there instead." If a domain has a CNAME RR, there cannot be another kind of RR (there's one exception, which will not be discussed here). For e-mail, and thus for SPF, you will need to look at the official domain name. Example: "alias.example.org. CNAME canonicalname.example.org." means you need to define an SPF policy for canonicalname.example.org and not for alias.example.org. I would probably suggest that you change the CNAME you have in place for mail to an A record. Ok, so that would mean I would have to use an IP address instead of a domain. This might be a problem, because google wants you to use a CNAME when directing mail.adrianm.com to google apps (ghs.google.com), or I could just change the CNAME to mail1.adrianm.com. |
|
| Author: | hoopycat [ Tue Jul 27, 2010 12:33 pm ] |
| Post subject: | |
mail.adrianm.com can't be both the name of your server and an alias of ghs.google.com. The best long-term option might be to rename the server, since if it's not the mail server, it's confusing to call it "mail." (See RFC 1178 for guidance.) However, using something like ghs.adrianm.com as the alias for ghs.google.com would be a decently quick and technically valid fix. |
|
| Author: | adrian18w [ Sun Aug 01, 2010 9:18 am ] |
| Post subject: | |
Ok, thanks guys. Everything works now 
|
|
| Page 2 of 2 | All times are UTC-04:00 |
| Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |
|