On Mon, 2004-06-28 at 19:27, Lou Katz wrote:
I have set up SPF records for an inactive domain, game4grrls.com,
Is that a typo? The domain game4grrls.com doesn't even appear to be
registered:
$ dig game4grrls.com txt
; <<>> DiG 9.2.3 <<>> game4grrls.com txt
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9568
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;game4grrls.com. IN TXT
;; AUTHORITY SECTION:
com. 10800 IN SOA a.gtld-servers.net.
nstld.verisign-grs.com. 1088406693 1800 900 604800 900
which points
to records for an active domain (metron.com).
$ dig metron.com txt
; <<>> DiG 9.2.3 <<>> metron.com txt
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42874
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 7, ADDITIONAL: 1
;; QUESTION SECTION:
;metron.com. IN TXT
;; ANSWER SECTION:
metron.com. 7200 IN TXT "v=spf1 a mx
a:spinach.metron.com a:violet.metron.com a:indigo.metron.com
a:pop.metron.com ip4:192.160.193.0/24 ip4:207.251.147.0/24 ?all"
That one looks OK but could be optimized a bit by moving the the ip4
parts to the start of the record, which would reduce the number of DNS
lookups required for connections from IPs in those ranges.
Is there a site where I can
test this, or can someone test it for me? I do not have SPF checking set
up on my sendmail yet.
If you install Mail::SPF::Query you can use the command-line tool
`spfquery' to check what happens for various combinations of IP address,
HELO name and envelope addresses.
Cheers, Paul.
--
Paul Howarth <paul(_at_)city-fan(_dot_)org>