On 22/07/2010, at 6:10 PM, SIMON WALKDEN wrote:
I've seen a lot of clients' outbound mail
rejected in the last 12
months due to SPF issues; particularly mail being delivered to
secureMX, or Xtra. The plan of attack was usually:
1. do they appear on any RBL's? (self explanatory, I know, just
thought I'd list it)
2. does the HELO ID of their server match the MX record for the domain?
3. does the MX record (and HELO ID) contain the terms 'smtp' or
'mail'? (strange I know, but it's made a difference)
In what way does it make a difference?
4. does a PTR record exist for the mail server's
5. does the domain have a valid SPF record?
If all these criteria are met, you really shouldn't have any problems
passing go & collecting $200.
I would love to be able to use HELO/EHLO when deciding what to accept but my own testing
shows far too many false positives. A few years ago and in another role I saw:
but I've seen similar problems recently when I last looked.
I suspect we need a "Strict HELO/EHLO Day" where enough of the world's
sysadmins unite to put strict settings on what they accept to force those with crap in
their HELO/EHLO to do something about it.
On 22 July 2010 17:22, Mark Wakefield <mark.wakefield(a)modicagroup.com> wrote:
On 22/07/10 16:36, Regan Murphy wrote:
It appears that safegas.co.nz have their mail configured to come via
hosts.net.nz, and their on-premise mail server is enforcing SPF which should
break for anyone sending them email.
>> MX records for domain safegas.co.nz Your 1 MX records are:
>> 10 mta.hosts.net.nz ip=188.8.131.52
mail.safegas.co.nz is W3's server (rua.w3host.co.nz) so they're going to be
the ones to sort it out.
W3 should also look at putting a firewall in front of that server...
NZNOG mailing list
"Catapultam habeo. Nisi pecuniam omnem mihi dabis, ad caput tuum saxum
NZNOG mailing list
.nz Registry Services (New Zealand Domain Name Registry Limited)
desk: +64 4 931 6977
mobile: +64 21 678840