Ok, I have been using a catch-all email address for a very long time... so whenever I needed to sign-up at some place (e.g. http://www.somedomain.com
) I entered as email address: www.somedomain.com
[at] roleplayer [dot] org.
That way I could easily track where my email address was leaking.
From time to time some people forged a roleplayer dot org email address and it was then bounced back... that wasn't that bad. However yesterday, within two hours I got over 160 such bounce backs ( http [column slash slash] t390[dot] greatnet [dot] de [slash] cgi-bin [slash] mailgraph [dot] cgi ).
For the moment I did now deactivate that catch-all email but as you can see, there are still a lot of rejected emails (although it's turning towards normal again).
I use the postfix integrated UCE mechanisms, greylisting and rbls but that didn't help much as you can see.
So I started setting up SPF (according to the howto) and I wonder now if my SPF entry is correct.
The SPF entry should do the following:
- bind roleplayer [dot] org to the IP 126.96.36.199
- say ok to any subdomain sending mail through 188.8.131.52
- also say ok to the hostname given by my ISP t390 [dot] greatnet [dot] de
- return false from any "roleplayer [dot] org" email that is not being sent through the 184.108.40.206 ip address
Here's the SPF entry I added to the bind zone file:
roleplayer [dot] org. IN TXT "v=spf1 a mx ptr a:t390 [dot] greatnet [dot] de ~all"
of course [x] has to be replaced by the according character.