KenJackson
06-17-2007, 05:00 AM
I am pleased to see that BH added TXT records in DNS for two of my domains that implement Sender Policy Framework (http://en.wikipedia.org/wiki/Sender_Policy_Framework) (spf).
But I'm curious about it. Here is the record:
"v=spf1 a mx ptr include:bluehost.com ?all"
Why is there a ptr mechanism? Since I do not have a dedicated IP address, it will never pass the test (http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS).
Not all of my domains have the entry. Why not?
Wouldn't it make sense to make the first mechanism "ip4:69.89.22.117" so valid email passes quicker? (If BH uses a different server for outgoing mail than the domain host, it should be hard-coded there.)
In fact, why have a and mx mechanisms when they both resolve to the same address?
If spf is working well enough, I would like to replace ?all with -all so that fraudulent email gets rejected, at least at some sites. Is it working well enough? How can I change it?
But I'm curious about it. Here is the record:
"v=spf1 a mx ptr include:bluehost.com ?all"
Why is there a ptr mechanism? Since I do not have a dedicated IP address, it will never pass the test (http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS).
Not all of my domains have the entry. Why not?
Wouldn't it make sense to make the first mechanism "ip4:69.89.22.117" so valid email passes quicker? (If BH uses a different server for outgoing mail than the domain host, it should be hard-coded there.)
In fact, why have a and mx mechanisms when they both resolve to the same address?
If spf is working well enough, I would like to replace ?all with -all so that fraudulent email gets rejected, at least at some sites. Is it working well enough? How can I change it?