Re: Can I require to satisify multiple conditions based on spf record

--"william(at)elan.net" <william(_at_)elan(_dot_)net> wrote:


If I have spf record "v=spf1 ip4:192.168.0.0/16 ptr -all" that would mean
its either 192.168.0.0/16 OR mail server with the domaini in reverse.
But lets I want SPF record that says mail that comes from example.com
domain MUST come from ip range 192.168.0.0/16 AND IT MUST come from mail
server that has PTR that domain. Can I enter this within SPF record? How?



Here is an awkward and complicated way, but it should work.

             domain.  IN TXT  "v=spf1 redirect=%{ir}.spf.%{d}"
*.168.192.spf.domain.  IN TXT  "v=spf1 +ptr -all"
       *.spf.domain.  IN TXT  "v=spf1 -all"

If you can match easily with another mechanism, like "mx", you can put thatbefore the redirect and save some dns queries.

Another way to approach this would be to give all your mailservers a PTRname of xxxx.mail.domain. instead of xxxx.domain, and then useptr:mail.domain instead of just ptr.


--
Greg Connor <gconnor(_at_)nekodojo(_dot_)org>

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Can I require to satisify multiple conditions based on spf record, william(at)elan.net

Next by Date:

Re: Can I require to satisify multiple conditions based on spf record, Greg Connor

Previous by Thread:

Re: Can I require to satisify multiple conditions based on spf record, Frank Ellermann

Next by Thread:

Will SPF be able to help to detect these kind of forgeries?, M Z Rahman

Indexes:

[Date] [Thread] [Top] [All Lists]