My understanding is that the TXT record in the zone file for the domain FOO.COM
indicates which hosts can have sent mail in behalf of FOO.COM users.
I introduced "spfmilter" and began to have my users be rejected, when all they
were trying to do was connect to our SMTP server to /inject/ mail. The SPF
check should not affect that, I thought.
Where is the best, most thorough description of the syntax and semantics of the
TXT record?
I thought the hosts one lists on the SPF TXT record are those hosts that mail
from the domain could have come from:
transbay.net in txt "v=spf1 a mx ptr a:mail.transbay.net a:smtp.transbay.net
-all"
Yet when a remote user connects to mail.transbay.net to have mail sent for them,
spfmilter rejects the user's connection.
I cannot convert all my users to AUTH - and intuitively I should not have to
worry
about that.
I don't want to have to list all the subnets that could connect to our mailer to
inject mail into SMTP for outbound on the TXT record. If I have to do that in
an spfmilter whitelist file, that is alright. But doing so on the TXT record
means that a lot of addresses would be declared valid as origins of mail from
transbay.net, that aren't.
To get SPFMILTER to work properly, do I have to whitelist all non-AUTH users by
IP addresses, that want to give our SMTP server something to send?