trouble setting up my txt record

I have some trouble setting up my txt record. Here is my zone file

$TTL 86400

@ IN SOA ns1.linode.com. admin.mydomain.com. (

2008040102

7200

7200

1209600

86400

)

@ NS ns1.linode.com.

@ NS ns2.linode.com.

@ MX 10 lixx-xxx.members.linode.com.

spf TXT "v=spf1 a mx ~all"

@ A 1.2.3.4

www A 1.2.3.4

I can get the txt record back using the ns1.linode.com as server:

-bash-3.00$ host -t txt spf.mydomain.com ns1.linode.com

Using domain server:

Name: ns1.linode.com

Address: 69.93.127.10#53

Aliases:

spf.mydomain.com text "v=spf1 a mx ~all"

But when I use the dig command the txt record won't show up.

-bash-3.00$ dig txt mydomain.com

; <<>> DiG 9.2.4 <<>> txt mydomain.com

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10480

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:

;mydomain.com. IN TXT

;; AUTHORITY SECTION:

mydomain.com. 10119 IN SOA ns1.linode.com. admin.mydomain.com. 2008033119 7200 7200 1209600 86400

;; Query time: 0 msec

;; SERVER: 129.128.4.241#53(129.128.4.241)

;; WHEN: Mon Mar 31 22:29:08 2008

;; MSG SIZE rcvd: 86

I also use the web service like this one (http://www.politemail.com/check-spf.aspx) and it showed I don't have a spf for my domain, either?

Without a spf record, Hotmail has been silently dropping all the emails sent from my linode :(

Any thoughts? Thanks a lot!

James

6 Replies

You need to change spf TXT "v=spf1 a mx ~all" to @ TXT "v=spf1 a mx ~all"

The way you have it now, you're specifying an SPF record for spf.domain.com, not domain.com

–James

@irgeek:

You need to change spf TXT "v=spf1 a mx ~all" to @ TXT "v=spf1 a mx ~all"

The way you have it now, you're specifying an SPF record for spf.domain.com, not domain.com

–James

Thank you! It works now. But I still can't send emails to Hotmail accounts. I guess it's a problem on Hotmail's end.

Double check your forward and reverse DNS match and that they match the name your servers claims in it's HELO. I've seen Hotmail reject mail when they don't all match. If that's not it, check if your IP is listed on any DNSBLs. If that's still not it, you may have to go through the soul-crushing process of dealing with Hotmail's support people.

–James

The reverse DNS and HELO record both showed that "li??-???.members.linode.com". I change the config file for postfix and now the HELO seems OK. I am not sure how to fix the reverse DNS problem though. After a bit of googling I learn that I need to change the PTR record, which I have no idea where it's located. Is it the same thing as the MX record for my domain? BTW, I have multple virtual host on my linode, so is reverse DNS going to show all the domains I have?

@jamesl:

The reverse DNS and HELO record both showed that "li??-???.members.linode.com". I change the config file for postfix and now the HELO seems OK. I am not sure how to fix the reverse DNS problem though. After a bit of googling I learn that I need to change the PTR record, which I have no idea where it's located. Is it the same thing as the MX record for my domain? BTW, I have multple virtual host on my linode, so is reverse DNS going to show all the domains I have? Reverse DNS can be configured in the Linode control panel. You do need to make sure the forward lookup goes to your IP first.

@jamesl:

I have multple virtual host on my linode, so is reverse DNS going to show all the domains I have?
Reverse DNS can only show one hostname, and I think it usually doesn't matter if it agrees with anything. If you want to be on the safe side though, you want your PTR to agree with ANY one of the hostnames you have resolving to that IP, and your HELO name should also agree with the PTR record. It really doesn't matter if any of these names match the email domain you are sending from.

For example,

IP = 1.2.3.4

PTR of 1.2.3.4 reports mail.domain1.com

forward lookup of mail.domain1.com returns 1.2.3.4

mailserver on 1.2.3.4 announces itself (HELO) as "mail.domain1.com"

This mailserver can now send mail from anydomain.com, or anyotherdomain.com, etc. If you are using SPF, just make sure anydomain.com and anyotherdomain.com have their own SPF records that authorize 1.2.3.4 or mail.domain1.com as senders.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct