Proxy SPF records.
If you are creating a spf record for your domain, and you need to include some ISP which
you use, but which does not publish a record themselves, this is where a proxy record can
be useful.
The information in the proxy record will be made up by people looking at their mail and
identifying the IP's of as many of the sources of mail from that ISP as possible.
The proxy record will exist on spfhelp.net and will allow you to include it instead of the
ISP's non-existant record.
Obviously this is not foolproof, but will depend on people giving feedback to the
proxy-record holder here. It should be included in your record by ?include: so that is
will not cause a fail, and the proxy record itself will look something like this:-
comcast.net.proxy.spfhelp.net. IN TXT "v=spf1 ?ip4:204.127.202.0/24
?ip4:204.127.198.0/24 ?ip4:216.148.227.0/24 ?ip4:63.240.76.0/24 ~all"
thereby giving no hard FAIL results if it is not quite right, but giving a pass where it
matches. The "SPF" RR will also be included as a proxy with the same information.
Now your record can look like this:-
example.com IN TXT "v=spf1 a mx ?include:comcast.net.proxy.spfhelp.net
~all"
and you will not be thwarted by the lack of a record at comcast.net.
The ISP's I have been asked to create proxies for so far are:-
cox.net
comcast.net
rogers.com
vianet.ca
blackberry.net
and I am waiting for information from anyone who gets mail from those sources to let me
have the IP number it originated from.
I hope that explains it better.
Slainte,
JohnP