Hi everyone,
Once again I revert to this forum for some clarification concerning MX and TXT records in BIND. I'll try to clarify my doubts as best I can. To do that I'll explain my current set-up.
Currently I am running a small network with 1 public IP address. I have one single computer that acts as my webserver and mailserver, this server hosts various websites as also serves mail for each domain:
"website1.com"
"website2.com"
"website3.com"
I also have my main website, which acts as the domain for the whole network.
"mydomain.net"
This is the domain I have used to configure postfix, $mydomain = mydomain.net. For "mydomain.net" I have set-up an MX record that points to host "mail" and domain "mydomain.net". For the host to be reachable I added an A record "mail". I also added two TXT records, one that points to host "mail" with the value "v=spf1 a mx ~all" and the other that simply points to the domain "mydomain.net" with value "v=spf1 a ~all". So when I send an email using "mail.mydomain.net" from an address belonging to "mydomain.net" such as "me@mydomain.net", the Received-SPF passes its tests.
Q: My first question is: Is the above configuration correct? Should I use an A or CNAME record for the host "mail"? Are both TXT records necessary? Or is my approach completely wrong? My goal is that the Received-SPF always passes.
Now one of my biggest doubts. As I stated above I host various other websites, now say I want to give "website1.com" the ability to use "mail.website1.com" as the mail server configuration for their mail clients (simply a matter of simplification). By repeating the steps I state above (adding MX record, TXT records, all specific for website1.com domain) I manage to get a pass on the received-SPF.
Q: My question here is simply if this is the correct approach? Or should I simply point the MX record to mail.mydomain.net?
Now my final doubt. Suppose I want to also send and receive mail for the domain "website2.com", however, this time I do not need to provide a "mail.website2.com", therefore, I want to use "mail.mydomain.net".
Q: How should I go about in setting this up so that Received-SPF always passes? I have tried altering the TXT records to "v=spf1 a mx include:website2.com ~all" and "v=spf1 a include:website2.com ~all", but SPF always states "Received-SPF: neutral"
The reason I am asking is because sometimes email originating from webserver2.com gets tagged as spam, and IMHO the reason is due to SPF, also I have noticed that email that does not pass the SPF test, usually takes a little longer to be delivered.
Q: I would also like to clarify another point: when should I use A record as opposed to CNAME records. Say for example I have webmail.mydomain.net & stats.mydomain.net, should I use a CNAME or A record? And why? Once again everything resides on the same server as www.mydomain.net.
Well I guess that's it, I apologize for the long text but I think it was necessary to clarify my doubts. I hope someone can gather up the patience to read all this :P
Regards,
Istvan Cebrian
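
An added example, not part of the original post: a minimal Python evaluator for the `a`, `mx`, `include` and `all` mechanisms, showing that a receiver looks up the SPF TXT record of the sender's own domain (RFC 7208). The zone data is constructed: 203.0.113.10 stands in for the single public IP, and website2.com is assumed to have an A and MX record but no TXT record yet.

```python
# Constructed zone data; 203.0.113.10 is a documentation address used as the public IP.
DNS = {
    "mydomain.net":      {"A": ["203.0.113.10"], "MX": ["mail.mydomain.net"], "TXT": ["v=spf1 a ~all"]},
    "mail.mydomain.net": {"A": ["203.0.113.10"], "TXT": ["v=spf1 a mx ~all"]},
    "website2.com":      {"A": ["203.0.113.10"], "MX": ["mail.mydomain.net"]},  # assumed: no SPF yet
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def lookup(name, rtype):
    return DNS.get(name.lower(), {}).get(rtype, [])

def check_spf(ip, domain, depth=0):
    """Evaluate the SPF record published for `domain` against the connecting `ip`."""
    if depth > 10:
        return "permerror"
    records = [t for t in lookup(domain, "TXT") if t.split()[:1] == ["v=spf1"]]
    if not records:
        return "none"            # the sender domain publishes no SPF record
    if len(records) > 1:
        return "permerror"       # more than one v=spf1 record is an error
    for term in records[0].split()[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mech, _, arg = term.lstrip("+-~?").partition(":")
        target = arg or domain
        if mech == "all":
            matched = True
        elif mech == "a":
            matched = ip in lookup(target, "A")
        elif mech == "mx":
            matched = any(ip in lookup(host, "A") for host in lookup(target, "MX"))
        elif mech == "include":
            inner = check_spf(ip, target, depth + 1)
            if inner in ("none", "permerror"):
                return "permerror"
            matched = inner == "pass"
        else:
            return "permerror"   # mechanism outside this sketch
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"             # no mechanism matched and there is no "all"

if __name__ == "__main__":
    for sender in ("mydomain.net", "website2.com"):
        print(sender, check_spf("203.0.113.10", sender))
```

With this data, mail from an address at website2.com is judged only by what website2.com publishes; records under mydomain.net are never consulted for it.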