2

I have a shared hosting server and have been spilling my brains out trying to find a SPF record that is globally accepted by other hosts.

Let's take the domain gimsid.ro. Which can send mail to any domain, except one of our clients, which denies meessages because of incorrect SPF record.

Now, when I check with the Kitterman tool (at kitterman.com) it says that it passes all the tests.

When I check with MXtoolbox (http://mxtoolbox.com/SuperTool.aspx?action=spf%3agimsid.ro&run=toolpage) is says that it's not valid.

I always try to use a SPF record like this:

example.com -- v=spf1 a mx ip4:12.34.567.89 mx:example.com ~all

where 12.34.567.89 is the IP I have assigned to that domain.

Am I doing something wrong ? Is there a "globally accepted" SPF record?

MadHatter
  • 78,442
  • 20
  • 178
  • 229
andrei.troll
  • 41
  • 1
  • 7

1 Answers1

1

It's not the soft fail (more's the pity) because mine has a hard fail (-all), and it still failed their checker.

It's the absence of an actual SPF record. You, like me, only have an SPF record of DNS type TXT. If you, as I did, add a record of DNS type SPF which contains exactly the same thing as your TXT record, it all magically goes green.

It's even saying that, if you look: green tick by the TXT record, yellow exclamation mark by the SPF record, and a correct statement: a valid SPF record was not found. Shame that last statement is highly ambiguous. What a useless checker.

Edit: if your current DNS provider doesn't support that record type, and you really care that this stupid record checker is giving you grief, then you'll have to find a better DNS provider. DNS itself certainly supports the record type; try dig spf teaparty.net to see my shiny new record, specifically added to test this answer!

MadHatter
  • 78,442
  • 20
  • 178
  • 229
  • Thank you for the reply. Only problem is that I don't have a SPF record to add to my DNS zone. I can add TXT, SRV, PTR, A, MX, etc entries. How can I add a SPF record ? L.E. Useless indeed – andrei.troll Apr 24 '14 at 12:36
  • It's fine, glad to help. I've retracted my close vote (and edited the question title to make it a bit clearer that it's not really a question about SPF records). By the way, you might want to revisit some of your older questions and accept the best answer in each case; it's the polite thing to do, and it drives the SF reputation system for both you and the author of the answer. – MadHatter Apr 24 '14 at 12:37
  • Actually, I am the DNS provider :) And the problem is that I can't send mail to a certain domain because of that SPF record. I don't really care what MxToolbox says. I just want the mail to arrive at the destination. – andrei.troll Apr 24 '14 at 12:42
  • Then you'll need to change DNS provider (that is, use a better DNS server implementation, or outsource it to someone who does). I think this is pretty clear: you can't change what that online checker says. If you have a business dependency on that checker saying something else, then you have no choice but to define an RR of the correct type. If you can't do that with your current setup, change the setup. – MadHatter Apr 24 '14 at 12:45
  • So, maybe implementation of SPF records in my DNS could solve this problem. Can I draw that conclusion ? Many thanks, MadHatter – andrei.troll Apr 24 '14 at 12:53
  • It's certainly the conclusion I draw. PS: **go accept answers to some of your older questions**. – MadHatter Apr 24 '14 at 12:54