My question is simply this - I have a domain where all the DNS records to a single box. Do I need to setup an SPF record in this instance as SPF is designed for where a different IP is sending emails on behalf of that domain. Is there any extra benefit of doing it?
Asked
Active
Viewed 139 times
0
-
2You are wrong about what SPF is for; it is still perfectly applicable if only a single system handles all your mail (your DNS settings are irrelevant for SPF record purposes save inasmuch as your DNS servers will need to serve the record). I strongly recommend you read [our canonical question on SPF](http://serverfault.com/questions/369460/what-are-spf-records-and-how-do-i-configure-them) and then either edit or delete this question. – MadHatter Nov 26 '14 at 09:44
1 Answers
2
Yes!
It's not necessary per se, but highly recommendable. It's not so much about overcoming the ability to send email, but about protecting domain reputation.
With no SPF record in place, receiving parties have little information to go on when determining validity and authenticity of messages claiming to originate from your domain. By publishing a restrictive SPF record, you can actively let recipients know that they should not trust email coming from other MTA's than your single box (or maybe not trust ANY email claiming to come from your domain).
In a scenario where mail is occasionally sent from that single IP:
v=spf1 a -all
In a scenario where no mail will ever be sent from your domain:
v=spf1 -all
Mathias R. Jessen
- 24,907
- 4
- 62
- 95