Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 6th March 2008, 21:11
wherestheph wherestheph is offline
Junior Member
 
Join Date: Feb 2008
Posts: 15
Thanks: 5
Thanked 0 Times in 0 Posts
Default outgoing email spf question

I have set up an email server using the info at

http://www.howtoforge.com/virtual-us...ysql-centos5.1

and at

http://www.howtoforge.com/how-to-imp...lter-centos5.1

My outgoing SPF appears to not be set right. I am using PHPMailer on machine1, which connects to a postfix smtp server on machine2.

If I set the From: address to foo@domain.com, gmail gives the following headers which include a "temporary" SPF failure which has occured for well over a week.

Code:
Delivered-To: testaccount@gmail.com
Received: by 10.142.214.8 with SMTP id m8cs41243wfg;
        Thu, 6 Mar 2008 11:17:35 -0800 (PST)
Received: by 10.100.135.16 with SMTP id i16mr305334and.96.1204831053926;
        Thu, 06 Mar 2008 11:17:33 -0800 (PST)
Return-Path: <sender@domain.com>
Received: from machine2.domain.com ([75.126.130.115])
        by mx.google.com with ESMTP id d21si5874680and.30.2008.03.06.11.17.21;
        Thu, 06 Mar 2008 11:17:33 -0800 (PST)
Received-SPF: error (google.com: error in processing during lookup of sender@domain.com: DNS timeout) client-ip=75.126.130.115;
DomainKey-Status: good (test mode)
Authentication-Results: mx.google.com; spf=temperror (google.com: error in processing during lookup of sender@domain.com: DNS timeout) smtp.mail=sender@domain.com; domainkeys=pass (test mode) header.From=sender@domain.com
Received: from localhost (unknown [127.0.0.1])
	by machine2.domain.com (Postfix) with ESMTP id 1F10615880F9
	for <testaccount@gmail.com>; Thu,  6 Mar 2008 19:17:21 +0000 (UTC)
X-DomainKeys: Sendmail DomainKeys Filter v0.6.0 machine2.domain.com 1F10615880F9
DomainKey-Signature: a=rsa-sha1; s=default; d=domain.com; c=simple; q=dns;
	b=zwz8iw1m96SILh6Fnvb5mmHUHAv8KZ347e0Ff3YI7NYaaYqG6EmRmJpkZ4v7n7cpk
	MNy1fn2/z9W+dALWfOGQg==
X-Virus-Scanned: amavisd-new at localhost.localdomain
Received: from machine2.domain.com ([127.0.0.1])
	by localhost (machine2.domain.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id A12UdWHLGcRl for <testaccount@gmail.com>;
	Thu,  6 Mar 2008 13:17:12 -0600 (CST)
Received: from localhost.localdomain (domain.com [75.126.130.114])
	by machine2.domain.com (Postfix) with ESMTP id 0595215880EA
	for <testaccount@gmail.com>; Thu,  6 Mar 2008 13:17:12 -0600 (CST)
X-DomainKeys: Sendmail DomainKeys Filter v0.6.0 machine2.domain.com 0595215880EA
Date: Thu, 6 Mar 2008 11:17:11 -0800
To: testaccount@gmail.com
From: sender@domain.com
Subject: Someone sent you a private message...
Message-ID: <38a4197807d1892b4c5ea6751b4ba405@localhost.localdomain>
X-Priority: 3
X-Mailer: PHPMailer [version 1.73]
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="iso-8859-1"
If I set the From: address to foo@machine2.domain.com, I get a "neutral" result:

Code:
                                                      Delivered-To: testaccount@gmail.com
Received: by 10.142.214.8 with SMTP id m8cs41741wfg;
        Thu, 6 Mar 2008 11:25:39 -0800 (PST)
Received: by 10.100.254.18 with SMTP id b18mr440279ani.13.1204831538332;
        Thu, 06 Mar 2008 11:25:38 -0800 (PST)
Return-Path: <sender@machine2.domain.com>
Received: from machine2.domain.com ([75.126.130.115])
        by mx.google.com with ESMTP id c23si5057562ana.15.2008.03.06.11.25.37;
        Thu, 06 Mar 2008 11:25:38 -0800 (PST)
Received-SPF: neutral (google.com: 75.126.130.115 is neither permitted nor denied by best guess record for domain of sender@machine2.domain.com) client-ip=75.126.130.115;
DomainKey-Status: good (test mode)
Authentication-Results: mx.google.com; spf=neutral (google.com: 75.126.130.115 is neither permitted nor denied by best guess record for domain of sender@machine2.domain.com) smtp.mail=sender@machine2.domain.com; domainkeys=pass (test mode) header.From=sender@domain.com
Received: from localhost (unknown [127.0.0.1])
	by machine2.domain.com (Postfix) with ESMTP id 2F25015880F9
	for <testaccount@gmail.com>; Thu,  6 Mar 2008 19:25:37 +0000 (UTC)
X-DomainKeys: Sendmail DomainKeys Filter v0.6.0 machine2.domain.com 2F25015880F9
DomainKey-Signature: a=rsa-sha1; s=default; d=domain.com; c=simple; q=dns;
	b=Uww8zvmvlqm3zNJguEJUiK9dg4TL53rbT8adEe5h1wNY6J35BV5oJNkRPpPbwnFZe
	Eg/ZfxxmURfM+VKBxuPZw==
X-Virus-Scanned: amavisd-new at localhost.localdomain
Received: from machine2.domain.com ([127.0.0.1])
	by localhost (machine2.domain.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id teHF5vqr6fZ6 for <testaccount@gmail.com>;
	Thu,  6 Mar 2008 13:25:37 -0600 (CST)
Received: from localhost.localdomain (domain.com [75.126.130.114])
	by machine2.domain.com (Postfix) with ESMTP id E942815880EA
	for <testaccount@gmail.com>; Thu,  6 Mar 2008 13:25:36 -0600 (CST)
X-DomainKeys: Sendmail DomainKeys Filter v0.6.0 machine2.domain.com E942815880EA
Date: Thu, 6 Mar 2008 11:25:36 -0800
To: testaccount@gmail.com
From: sender@machine2.domain.com
Subject: Someone sent you a private message...
Message-ID: <c3ed3ebdd7d0a4787b7b18c409e6bc6c@localhost.localdomain>
X-Priority: 3
X-Mailer: PHPMailer [version 1.73]
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="iso-8859-1"
I used the godaddy wizard to generate a txt DNS record which looks like this which I believe says, allow all A record machines to send outgoing mail (machine1 and machine2 both have A records) and include ptr for servers in this domain.

Code:
v=spf1 a mx ptr include:smtp.secureserver.net ~all
What am I doing wrong?

Last edited by wherestheph; 27th March 2008 at 10:22.
Reply With Quote
Sponsored Links
  #2  
Old 7th March 2008, 02:36
wherestheph wherestheph is offline
Junior Member
 
Join Date: Feb 2008
Posts: 15
Thanks: 5
Thanked 0 Times in 0 Posts
Default

I think I have solved most of my problem. The godaddy spf wizard says this: "If the IP addresses listed in A records for your domain in DNS are also outbound mail servers, you should include this option in your new SPF Record." When I read that, I thought that machine2 should be included because it has an A record in my dns.

The wizard to http://old.openspf.org/wizard.html is more explicit and said that only machine1 was included in my spf record. So I added machine2 explicitly to my spf record, and things are good sending with the From: header set to domain.com, with the exception of Yahoo. Does anyone know if DKIM is necessary to send email to Yahoo? Or other sending to Yahoo tricks?

Can I install both Domainkeys and DKIM, or just one or the other. It looks like they use the same _domainkey dns TXT record?
Reply With Quote
  #3  
Old 7th March 2008, 07:32
topdog topdog is offline
Senior Member
 
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 153 Times in 150 Posts
 
Default

You can user both of them all you need do is change the selector. DKIM is an upgrade of domainkeys some sites are still using domainkeys however that is why you need to run them side by side until domainkeys drops away.
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
postfix bounced email question daveb Server Operation 8 3rd February 2008 20:32
Email problem - all outgoing mail end up as spam haaglin General 8 16th October 2007 17:35
Relay forward all outgoing email simplyworks Installation/Configuration 3 20th July 2006 18:06
Sorry another email question AngelDrago Installation/Configuration 1 24th May 2006 07:34
email forwarding locally consumes all resources rdells General 20 1st May 2006 19:43


All times are GMT +2. The time now is 17:47.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.