Hi,
I have done the NSLOOKUP and saw that I do not serve my dns my provider does
that, I will call him Monday.
Is it recommended tot install on the Exchange 2003 server de IMF filter from
Microsoft?
Regards,
Dwain Hutten
-----Oorspronkelijk bericht-----
Van: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] Namens Koen Martens
Verzonden: zaterdag 24 juli 2004 17:52
Aan: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Onderwerp: Re: [spf-discuss] [SPF] What to do in Windows 2003 and a .local
domain DNS
On Sat, Jul 24, 2004 at 03:26:56PM +0200, Dwain Hutten wrote:
Hi,
I'm very interested in an SPF filter on my Windows 2003.
I have seen on the website that is must create an TXT record where my
SMTP server is named. (MX)
But here I my questions:
1. my internal domain has as extension .local but on the internet I
use .NL but the SPF filter is for .NL but I have only a DNS AD
Integrated which ands on .local, what should I do?
You have to put the TXT records on the domain name server that serves
your internet domains. To find out which one this is, you could use
nslookup, eg. Start->Uitvoeren->'nslookup' enter. Then type 'set q=ns'
enter and 'yourdomain.nl' enter. It will show you the NS records for
your domain. To see if there are txt records for your domain, use 'set
q=txt' enter 'yourdomain.nl' enter.
What you should do is to contact your dns hoster, whomever it may be.
2. my second question is, I have the SPF filter set to my IP by doing
MX:000.000.000.000 (this is not my real adres) is this correct? I
need one SPF record for each SMTP server is that true?
Nope, you need one spf record for each domain you want to protect
against forgery. For example, if your outgoing smtp server is 1.2.3.4,
and your domain is bla.nl, you publish "v=spf1 ip4:1.2.3.4 -all" on the
domain bla.nl. For example, if you also have www.bla.nl, and don't ever
want any mail to be sent from www.bla.nl, publich "v=spf1 -all" for
www.bla.nl.
3. how can I check I an email of the SPF filter is working because
the check tool on your website says the he can't find an SPF rule.
Probably because you have set up txt records on your local dns, but you
have to publish these on the same dns that ansers ip lookups for your
domain.
4. Do I have to set ports open on my firewall for use of DNS from the
internet to validate the SPF filter?
Only if you serve dns for your domain yourself, but I don't think you
do.
Hope this helps,
Koen
--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Send us money! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com