LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   SPF Record Generator (https://www.linuxquestions.org/questions/linux-general-1/spf-record-generator-4175657198/)

Iyyappan 07-10-2019 10:03 PM
SPF Record Generator
 
Hi team,

I have a domain mysite.mydomain.com and it has two MX records
mail1.mysite.mydomain.com
mail2.mysite.mydomain.com


I have added a spf record like below

v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 ~all

Scenario:
My application send an email out of using my SMTP server which is my in MX records.

For a requirement, From ID would be myname@differentdomain.com.

This application is used by customer as well and when customer submits a feedback option, application hits my website mysite.mydomain.com.

But they get a warning message that "mysite.mydomain.com" is a suspicious domain.

As the From-ID domain is different than my original domain mysite.mydomain.com, should I alter my SPF record like below ?

v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 include:differentdomain.com ~all

regards,
iyappan v

bathory 07-11-2019 05:05 AM
Quote:
As the From-ID domain is different than my original domain mysite.mydomain.com, should I alter my SPF record like below ?

v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 include:differentdomain.com ~all
Of course you can, but IMO it's better to list your server in the SPF record of differentdomain.com as an allowed to relay mail host.
If you're not the dns admin of differentdomain.com, you should ask them to do it for you.

Regards

Iyyappan 07-16-2019 01:08 AM
Quote:
Originally Posted by bathory (Post 6014037)
Of course you can, but IMO it's better to list your server in the SPF record of differentdomain.com as an allowed to relay mail host.
If you're not the dns admin of differentdomain.com, you should ask them to do it for you.

Regards
Came across multiple forums where this suspicious domain issue is present only in Gsuite and in not in any other service providers.

Incidentally my customer emails are hosted in Gsuite only.

I too have another customer with exact requirement but I don't face any issue because they are using O365. Problem is faced only with Gsuite hosted customer.

I tried the below.

1. Add my domain in include

v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 include:mydomain.com ~all

Post this the suspicious domain issue got fixed initially, but I tried again to provide feedback link, issue cropped again stating" this link leads to an untrusted site. Are you sure you want to proceed to mydomain.com?"

2. So I added my customer domain also in include

v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 include:mydomain.com include:differentdomain.com ~all

Post this customer started facing problem in their SPF configuration, so I had to revert back to old record "v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 ~all".

So am back to square one.

My site is configured properly with SSL certificate and I have configured SSL certificates in my email servers also.

I am still some mistake which I am unable to figure out where am doing it.

can you please help.

TB0ne 07-17-2019 07:03 AM
Quote:
Originally Posted by Iyyappan (Post 6015432)
Came across multiple forums where this suspicious domain issue is present only in Gsuite and in not in any other service providers. Incidentally my customer emails are hosted in Gsuite only. I too have another customer with exact requirement but I don't face any issue because they are using O365. Problem is faced only with Gsuite hosted customer. I tried the below.

1. Add my domain in include
v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 include:mydomain.com ~all

Post this the suspicious domain issue got fixed initially, but I tried again to provide feedback link, issue cropped again stating" this link leads to an untrusted site. Are you sure you want to proceed to mydomain.com?"

2. So I added my customer domain also in include
v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 include:mydomain.com include:differentdomain.com ~all

Post this customer started facing problem in their SPF configuration, so I had to revert back to old record "v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 ~all".

So am back to square one. My site is configured properly with SSL certificate and I have configured SSL certificates in my email servers also. I am still some mistake which I am unable to figure out where am doing it.
So you're trying to solve a problem that your customers are paying you to solve, but you're wanting us to solve it for free??? We aren't on your 'team', and have you read the "Question Guidelines" link? There are many ways to do this, but as bathory said, if you aren't the admin of those different domains, you won't be able to do ANYTHING about it.

https://support.google.com/a/answer/33786?hl=en

You also say nothing about version/distro of Linux, what mail system, or where exactly you're setting this SPF record, and unless you provide details, there isn't a lot we can tell you.


All times are GMT -5. The time now is 12:08 PM.