Ok, I have been using a catch-all email address for a very long time... so whenever I needed to sign-up at some place (e.g. http://www.somedomain.com) I entered as email address: www.somedomain.com [at] roleplayer [dot] org. That way I could easily track where my email address was leaking. From time to time some people forged a roleplayer dot org email address and it was then bounced back... that wasn't that bad. However yesterday, within two hours I got over 160 such bounce backs ( http [column slash slash] t390[dot] greatnet [dot] de [slash] cgi-bin [slash] mailgraph [dot] cgi ). For the moment I did now deactivate that catch-all email but as you can see, there are still a lot of rejected emails (although it's turning towards normal again). I use the postfix integrated UCE mechanisms, greylisting and rbls but that didn't help much as you can see. So I started setting up SPF (according to the howto) and I wonder now if my SPF entry is correct. The SPF entry should do the following: - bind roleplayer [dot] org to the IP 18.104.22.168 - say ok to any subdomain sending mail through 22.214.171.124 - also say ok to the hostname given by my ISP t390 [dot] greatnet [dot] de - return false from any "roleplayer [dot] org" email that is not being sent through the 126.96.36.199 ip address Here's the SPF entry I added to the bind zone file: Code: roleplayer [dot] org. IN TXT "v=spf1 a mx ptr a:t390 [dot] greatnet [dot] de ~all" of course [x] has to be replaced by the according character.