Does anybody know who I can set up SPR records? I've created a record and it says that I need to and I logged into the server as the root users via ssh and typed in /var/named (which my host told me to do) but all it said was I really need to add this because Microsoft is blocking emails from the site even though it's only an opt-in system

Thanks

You don't usually even need to restart your named in order for the change to take effect, but without more information about what platform you are on and who managed to configure your DNS for you in the first place, we can't really guess where you have it.

As such, no SPF records in the world are going to help you from Microsoft blocking you. Primarily, SPF is a mechanism for preventing others from sending forged email in your domain's name. If that's a problem you are currently experiencing then definitely, deploy SPF, with a nice and tight policy like you have. (Do you understand the difference between -all and ~all? By all means use -all if you can.)

No I don't understand the difference between -all and ~all.

It was Mircosoft who said I needed to set up the spf in the first place because the site isn't blacklisted at all, but still isn't going through to Hotmail addresses.

I think that it was the host who set up the DNS in the first place, but they said they don't give any help for SPF records and that I had to set it up myself

Do you know where the zone files are and how to edit them?

Once you have that done, you can probably send a simple signal to bind to have it reread its configuration files without actually restarting completely. See its local manual page.

If your host offers some sort of web panel interface to the DNS interface, maybe you can even add TXT records through that, although it sounds like they already told you you have to do it by hand.

Keep in mind that the TTL on DNS will cause any change to take time to propagate. You can always query the authoritative server directly, but secondary servers will sit on their cached values for however long the TTL says they can.

Without information about your domain, it's hard to make an informed recommendation, but SPF -all is a stronger restriction than ~all. Assuming you are in a position to set and enforce a policy that nobody except the IP addresses you name are allowed to send email in your domain's name, you should be fine to use the stronger restriction.

-all means hard reject, ~all - soft reject, here's a quote :
Check the following :
host -t txt microsoft.com
Here's some general information.

I don't know where the zone files are or even how to find them, although I do know how to edit them

Well /var/named sounds like a good place to start looking.

I went to that and all it said was

Yes, you can't execute it, but you can list its contents and see if you find the zone files there.

Thanks, I've done that and have sent the records to microsoft

You don't send them anywhere, you just need to publish them in your DNS (that was the point of editing the zone file). There are SPF verifiers which you can use to check that you got it right; SPF Query Tools

Thanks era, I'll have a look at that then. I added the records to the DNS, but wanted to make sure that Microsoft knew that so told them that I'd added them and then sent them a copy of the record. A bit ott I know, but I just wanted to make sure