Once again I revert to this forum for some clarification concerning MX and TXT records in BIND. I'll try to clarify my doubts as best I can. To do that I'll explain my current set-up.
Currently I am running a small network with 1 public IP address. I have one single computer that acts as my webserver and mailserver; this server hosts various websites and also serves mail for each.
I also have my main website, which acts as the domain for the whole network.
This is the domain I have used to configure postfix, $mydomain = mydomain.net. For "mydomain.net" I have set up an MX record that points to host "mail" and domain "mydomain.net". For the host to be reachable I added an A record ". I also added two TXT records, one that points to host "mail" with the value "v=spf1 a mx ~all" and the other that simply points to the domain "mydomain.net" with value "v=spf1 a ~all". So when I send an email using "mail.mydomain.net" from an address belonging to "mydomain.net" such as "email@example.com", the Received-SPF passes its tests.
My first question is: Is the above configuration correct? Should I use an A or CNAME record for the host "mail"? Are both TXT records necessary? Or is my approach completely wrong? My goal is that the Received-SPF always passes.
Now one of my biggest doubts. As I stated above I host various other websites, now say I want to give "website1.com" the ability to use "mail.website1.com" as the mail server configuration for their mail clients (simply a matter of simplification). By repeating the steps I state above (adding MX record, TXT records, all specific for website1.com domain) I manage to get a pass on the received-SPF.
My question here is simply if this is the correct approach? Or should I simply point the MX record to mail.mydomain.net?
Now my final doubt. Suppose I want to also send and receive mail for the domain "website2.com", this time I do not need to provide a "mail.website2.com", therefore, I want to use "mail.mydomain.net". How should I go about setting this up so that Received-SPF always passes? I have tried altering the TXT records to "v=spf1 a mx include:website2.com ~all" and "v=spf1 a include:website2.com ~all", but SPF always states "Received-SPF: neutral".
The reason I am asking is because sometimes email originating from webserver2.com gets tagged as spam, and IMHO the reason is due to SPF, also I have noticed that email that does not pass the SPF test, usually takes a little longer to be delivered.
I would also like to clarify another point: when should I use A record as opposed to CNAME records. Say for example I have webmail.mydomain.net, should I use a CNAME or A record? And why? Once again everything resides on the same server as www.mydomain.net.
Well I guess that's it, I apologize for the long text but I think it was necessary to clarify my doubts. I hope someone can gather up the patience to read all this :P
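
The following is an added example, not part of the original post: a simplified RFC 7208 evaluator run over constructed zone data, showing that a receiver evaluates the SPF record published under the sender's own domain, so mail from website2.com is judged by the TXT record of website2.com. The IP addresses, the website2.com TXT record and the names `check_host`, `ZONE` and `ZONE_WITH_SPF` are assumptions made for illustration.

```python
# Added example. ZONE is constructed sample data; the addresses and the
# website2.com TXT record are assumptions, not values from the post.
SERVER = "203.0.113.10"
ZONE = {
    ("mydomain.net", "A"): [SERVER],
    ("mail.mydomain.net", "A"): [SERVER],
    ("mydomain.net", "MX"): ["mail.mydomain.net"],
    ("mydomain.net", "TXT"): ["v=spf1 a ~all"],
    ("mail.mydomain.net", "TXT"): ["v=spf1 a mx ~all"],
    ("website2.com", "MX"): ["mail.mydomain.net"],
}
# Same zone plus an SPF record published under website2.com itself.
ZONE_WITH_SPF = {**ZONE, ("website2.com", "TXT"): ["v=spf1 include:mydomain.net ~all"]}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_host(ip, domain, zone, depth=0):
    """Simplified RFC 7208 check_host(): supports a, mx, include and all only."""
    if depth > 10:  # guard against include loops
        return "permerror"
    records = [t for t in zone.get((domain, "TXT"), [])
               if t.lower().split()[:1] == ["v=spf1"]]
    if not records:
        return "none"        # no policy published for this sender domain
    if len(records) > 1:
        return "permerror"   # more than one SPF record is an error
    for term in records[0].lower().split()[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mech, _, arg = term.lstrip("+-~?").partition(":")
        target = arg or domain
        if mech == "all":
            matched = True
        elif mech == "a":
            matched = ip in zone.get((target, "A"), [])
        elif mech == "mx":
            matched = any(ip in zone.get((mx, "A"), [])
                          for mx in zone.get((target, "MX"), []))
        elif mech == "include":
            inner = check_host(ip, arg, zone, depth + 1)
            if inner in ("none", "permerror", "temperror"):
                return "temperror" if inner == "temperror" else "permerror"
            matched = inner == "pass"
        else:
            return "permerror"  # term not handled by this example
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"  # record ended without any mechanism matching
```
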