Questions about the SPF TXT records in DNS
I am pleased to see that BH added TXT records in DNS for two of my domains that implement Sender Policy Framework (spf).
But I'm curious about it. Here is the record:
"v=spf1 a mx ptr include:bluehost.com ?all"
Why is there a ptr mechanism? Since I do not have a dedicated IP address, it will never pass the test.
Not all of my domains have the entry. Why not?
Wouldn't it make sense to make the first mechanism "ip4:220.127.116.11" so valid email passes quicker? (If BH uses a different server for outgoing mail than the domain host, it should be hard-coded there.)
In fact, why have a and mx mechanisms when they both resolve to the same address?
If spf is working well enough, I would like to replace ?all with -all so that fraudulent email gets rejected, at least at some sites. Is it working well enough? How can I change it?