The UNIX and Linux Forums  
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.

Go Back   The UNIX and Linux Forums > Top Forums > UNIX for Dummies Questions & Answers
.
google unix.com



UNIX for Dummies Questions & Answers If you're not sure where to post a UNIX or Linux question, post it here. All UNIX and Linux newbies welcome !!

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
how to put nil at the end of each records. happyv Shell Programming and Scripting 2 07-19-2007 11:20 PM
Count No of Records in File without counting Header and Trailer Records guiguy Shell Programming and Scripting 2 06-07-2007 12:15 PM
Records charbel Shell Programming and Scripting 3 06-29-2006 09:16 AM
How to calculate a sum of certain records? sickboy Shell Programming and Scripting 10 06-10-2005 11:43 AM
A records Deuce UNIX for Dummies Questions & Answers 3 09-25-2001 11:42 AM

Closed Thread
English Japanese Spanish French German Portuguese Italian Dutch Swedish Russian Norwegian Hungarian Hebrew Danish
 
LinkBack Thread Tools Search this Thread Rate Thread Display Modes
  #1 (permalink)  
Old 05-13-2008
thehaapyappy thehaapyappy is offline
Registered User
  
 

Join Date: Apr 2008
Posts: 28
Adding SPF records......please help

Does anybody know who I can set up SPR records? I've created a record and it says that I need to
Quote:
Paste this into your zone file:
xxxxxxxxx.com. IN TXT "v=spf1 ip4:xxx.xxx.xxx.xx a mx ~all"
and
Quote:
So this should also appear in DNS. You may or may not be in charge of the DNS for these entries; if you are, add them.

mail. xxxxxxxxx.com. IN TXT "v=spf1 a -all"
I logged into the server as the root users via ssh and typed in /var/named (which my host told me to do) but all it said was
Quote:
is a directory
I really need to add this because Microsoft is blocking emails from the site even though it's only an opt-in system

Thanks
  #2 (permalink)  
Old 05-13-2008
era era is offline Forum Advisor  
Herder of Useless Cats (On Sabbatical)
  
 

Join Date: Mar 2008
Location: /there/is/only/bin/sh
Posts: 3,652
You don't usually even need to restart your named in order for the change to take effect, but without more information about what platform you are on and who managed to configure your DNS for you in the first place, we can't really guess where you have it.

As such, no SPF records in the world are going to help you from Microsoft blocking you. Primarily, SPF is a mechanism for preventing others from sending forged email in your domain's name. If that's a problem you are currently experiencing then definitely, deploy SPF, with a nice and tight policy like you have. (Do you understand the difference between -all and ~all? By all means use -all if you can.)
  #3 (permalink)  
Old 05-13-2008
thehaapyappy thehaapyappy is offline
Registered User
  
 

Join Date: Apr 2008
Posts: 28
No I don't understand the difference between -all and ~all.

It was Mircosoft who said I needed to set up the spf in the first place because the site isn't blacklisted at all, but still isn't going through to Hotmail addresses.

I think that it was the host who set up the DNS in the first place, but they said they don't give any help for SPF records and that I had to set it up myself
  #4 (permalink)  
Old 05-13-2008
era era is offline Forum Advisor  
Herder of Useless Cats (On Sabbatical)
  
 

Join Date: Mar 2008
Location: /there/is/only/bin/sh
Posts: 3,652
Do you know where the zone files are and how to edit them?

Once you have that done, you can probably send a simple signal to bind to have it reread its configuration files without actually restarting completely. See its local manual page.

If your host offers some sort of web panel interface to the DNS interface, maybe you can even add TXT records through that, although it sounds like they already told you you have to do it by hand.

Keep in mind that the TTL on DNS will cause any change to take time to propagate. You can always query the authoritative server directly, but secondary servers will sit on their cached values for however long the TTL says they can.

Without information about your domain, it's hard to make an informed recommendation, but SPF -all is a stronger restriction than ~all. Assuming you are in a position to set and enforce a policy that nobody except the IP addresses you name are allowed to send email in your domain's name, you should be fine to use the stronger restriction.
  #5 (permalink)  
Old 05-13-2008
sysgate's Avatar
sysgate sysgate is offline Forum Advisor  
Unix based
  
 

Join Date: Nov 2006
Location: Bulgaria
Posts: 1,318
-all means hard reject, ~all - soft reject, here's a quote :
Quote:
~all : SPF queries that do not match any other mechanism will return "softfail". Messages that are not sent from an approved server should still be accepted but may be subjected to greater scrutiny. If you need tight control replace ~all with -all (hard fail).
For example, following recored the "a" and "mx" specify the systems permitted to send messages for the given domain. The "-all" at the end specifies that, if the previous mechanisms did not match, the message should be rejected.
Check the following :
host -t txt microsoft.com
Quote:
microsoft.com descriptive text "v=spf1 mx include:_spf-a.microsoft.com include:_spf-b.microsoft.com include:_spf-c.microsoft.com include:_spf-ssg-a.microsoft.com ~all"
Here's some general information.
  #6 (permalink)  
Old 05-13-2008
thehaapyappy thehaapyappy is offline
Registered User
  
 

Join Date: Apr 2008
Posts: 28
I don't know where the zone files are or even how to find them, although I do know how to edit them
  #7 (permalink)  
Old 05-13-2008
era era is offline Forum Advisor  
Herder of Useless Cats (On Sabbatical)
  
 

Join Date: Mar 2008
Location: /there/is/only/bin/sh
Posts: 3,652
Well /var/named sounds like a good place to start looking.
Sponsored Links
Closed Thread

Bookmarks

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -4. The time now is 03:25 PM.


Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited. Language translation by Google.
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios
The UNIX and Linux Forums Content Copyright ©1993-2009. All Rights Reserved.Ad Management by RedTyger

Content Relevant URLs by vBSEO 3.2.0