UNIX for Dummies Questions & Answers

Does anybody know who I can set up SPR records? I've created a record and it says that I need to and I logged into the server as the root users via ssh and typed in /var/named (which my host told me to do) but all it said was I really need to add this because Microsoft is blocking emails from the site even though it's only an opt-in system

Thanks

You don't usually even need to restart your named in order for the change to take effect, but without more information about what platform you are on and who managed to configure your DNS for you in the first place, we can't really guess where you have it.

As such, no SPF records in the world are going to help you from Microsoft blocking you. Primarily, SPF is a mechanism for preventing others from sending forged email in your domain's name. If that's a problem you are currently experiencing then definitely, deploy SPF, with a nice and tight policy like you have. (Do you understand the difference between -all and ~all? By all means use -all if you can.)

No I don't understand the difference between -all and ~all.

It was Mircosoft who said I needed to set up the spf in the first place because the site isn't blacklisted at all, but still isn't going through to Hotmail addresses.

I think that it was the host who set up the DNS in the first place, but they said they don't give any help for SPF records and that I had to set it up myself

Do you know where the zone files are and how to edit them?

Once you have that done, you can probably send a simple signal to bind to have it reread its configuration files without actually restarting completely. See its local manual page.

If your host offers some sort of web panel interface to the DNS interface, maybe you can even add TXT records through that, although it sounds like they already told you you have to do it by hand.

Keep in mind that the TTL on DNS will cause any change to take time to propagate. You can always query the authoritative server directly, but secondary servers will sit on their cached values for however long the TTL says they can.

Without information about your domain, it's hard to make an informed recommendation, but SPF -all is a stronger restriction than ~all. Assuming you are in a position to set and enforce a policy that nobody except the IP addresses you name are allowed to send email in your domain's name, you should be fine to use the stronger restriction.

-all means hard reject, ~all - soft reject, here's a quote :
Check the following :
host -t txt microsoft.com
Here's some general information.

I don't know where the zone files are or even how to find them, although I do know how to edit them

Well /var/named sounds like a good place to start looking.