Create SPF record to include Mweb's mail relay servers

uncapped_shady

uncapped_shady

Well-Known Member
Joined
Nov 29, 2010
Messages
226
Reaction score
10
Location
Somewhere Close by
Hi all, As the heading states, I need to create a SPF record on my DNS that will include Mweb's Mail relay servers as I use SMTP.Mweb.co.za to send all my email and I have been bombarded with spoofed Spam mails coming either from myself or one of our domain users. Let me give you all background to my setup: We use Google Apps - Free Edition for our mail hosting and on the 21 May 2013 almost all of our legit email started going into the SPAM folders, so i created filters for all users to never send mail to spam. I configured my own spam filter on our works server that deals with the spam and it works great. Only problem now is that we are getting spoofed with spam emails coming from our domain eg [email protected]. I have created a SPF record as follows for Google : v=spf1 include:_spf.google.com ~all - As i understand it, that will mean that the spf record will only work when sending through gmail. At work I have Exchange 2003 server setup with a pop collector that collects mail from all the individual Google Apps mailboxes and forwards it to the exchange users. When we send emails out from within the domain, we make use of an SMTP connector - routing to smtp.mweb.co.za , so I need to include mweb's mail relay servers in my SPF record, but not sure how to modify my existing SPF record. Sorry for the massive post, but i wanted to be as descriptive as possible.

System: Windows server 2003 (SBS)
Exchange 2003
current SPF record: v=spf1 include:_spf.google.com ~all

Thanks
 
Update it to this:
v=spf1 include:_spf.google.com +a:smtp.mweb.co.za ~all

Also chaning the ~ to - will hard fail spoofed mails.
 
grim said:
Update it to this:
v=spf1 include:_spf.google.com +a:smtp.mweb.co.za ~all

Also chaning the ~ to - will hard fail spoofed mails.
Click to expand...
Thanks so much for your help. I will make the changes and post back with results.
PS: if i change the ~ to - will it only fail spoofed emails and not cause issues with legit email being sent out?
Also could I just use the standard smtp.mweb.co.za instead of a "relay.mweb..." address?
 
uncapped_shady said:
Thanks so much for your help. I will make the changes and post back with results.
PS: if i change the ~ to - will it only fail spoofed emails and not cause issues with legit email being sent out?
Also could I just use the standard smtp.mweb.co.za instead of a "relay.mweb..." address?
Click to expand...

As long as you are only sending mails out from addresses included in your SPF changing it to hard fail other mails won't be a problem.

As long as you don't use the relay.mweb.co.za address you can leave it out otherwise just add it:
v=spf1 include:_spf.google.com +a:smtp.mweb.co.za +a:relay.mweb.co.za ~all

Edit: fixed the SPF record, was missing a:
 
Last edited:
grim said:
As long as you are only sending mails out from addresses included in your SPF changing it to hard fail other mails won't be a problem.

As long as you don't use the relay.mweb.co.za address you can leave it out otherwise just add it:
v=spf1 include:_spf.google.com +a:smtp.mweb.co.za +relay.mweb.co.za ~all
Click to expand...

Once again thank you very much for your assistance. I will just add the smtp.mweb.co.za for now as that is what i have specified under ESM smtp connector.
 
Ok, so I made the changes as follows: v=spf1 include:_spf.google.com +a:smtp.mweb.co.za -all

I went to www.kitterman.com to test the SPF record and it failed with: SPF record lookup and validation for: mydomain.co.za

SPF records are primarily published in DNS as TXT records.

The TXT records found for your domain are:
v=spf1 include:_spf.google.com +a:smtp.mweb.co.za -all

SPF records should also be published in DNS as type SPF records.
No type SPF records found.

Checking to see if there is a valid SPF record.

Found v=spf1 record for mydomain.co.za:
v=spf1 include:_spf.google.com +a:smtp.mweb.co.za -all

evaluating...
Results - PermError SPF Permanent Error: Unknown mechanism found: +a:smtp.mweb.co.za

Please help?


EDIT: It looks like I found my problem, I changed it to : v=spf1 include:_spf.google.com include:smtp.mweb.co.za -all and all seems good testing with mxtoolbox
 
Last edited:
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X