LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 07-10-2019, 10:03 PM   #1
Iyyappan
Member
 
Registered: Dec 2008
Location: Chennai, India
Distribution: CentOS 5, SLES 11
Posts: 245

Rep: Reputation: 4
SPF Record Generator


Hi team,

I have a domain mysite.mydomain.com and it has two MX records
mail1.mysite.mydomain.com
mail2.mysite.mydomain.com


I have added a spf record like below

v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 ~all

Scenario:
My application send an email out of using my SMTP server which is my in MX records.

For a requirement, From ID would be myname@differentdomain.com.

This application is used by customer as well and when customer submits a feedback option, application hits my website mysite.mydomain.com.

But they get a warning message that "mysite.mydomain.com" is a suspicious domain.

As the From-ID domain is different than my original domain mysite.mydomain.com, should I alter my SPF record like below ?

v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 include:differentdomain.com ~all

regards,
iyappan v
 
Old 07-11-2019, 05:05 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,505

Rep: Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769
Quote:
As the From-ID domain is different than my original domain mysite.mydomain.com, should I alter my SPF record like below ?

v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 include:differentdomain.com ~all
Of course you can, but IMO it's better to list your server in the SPF record of differentdomain.com as an allowed to relay mail host.
If you're not the dns admin of differentdomain.com, you should ask them to do it for you.

Regards
 
Old 07-16-2019, 01:08 AM   #3
Iyyappan
Member
 
Registered: Dec 2008
Location: Chennai, India
Distribution: CentOS 5, SLES 11
Posts: 245

Original Poster
Rep: Reputation: 4
Quote:
Originally Posted by bathory View Post
Of course you can, but IMO it's better to list your server in the SPF record of differentdomain.com as an allowed to relay mail host.
If you're not the dns admin of differentdomain.com, you should ask them to do it for you.

Regards
Came across multiple forums where this suspicious domain issue is present only in Gsuite and in not in any other service providers.

Incidentally my customer emails are hosted in Gsuite only.

I too have another customer with exact requirement but I don't face any issue because they are using O365. Problem is faced only with Gsuite hosted customer.

I tried the below.

1. Add my domain in include

v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 include:mydomain.com ~all

Post this the suspicious domain issue got fixed initially, but I tried again to provide feedback link, issue cropped again stating" this link leads to an untrusted site. Are you sure you want to proceed to mydomain.com?"

2. So I added my customer domain also in include

v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 include:mydomain.com include:differentdomain.com ~all

Post this customer started facing problem in their SPF configuration, so I had to revert back to old record "v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 ~all".

So am back to square one.

My site is configured properly with SSL certificate and I have configured SSL certificates in my email servers also.

I am still some mistake which I am unable to figure out where am doing it.

can you please help.

Last edited by Iyyappan; 07-16-2019 at 01:20 AM.
 
Old 07-17-2019, 07:03 AM   #4
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 21,587

Rep: Reputation: 5685Reputation: 5685Reputation: 5685Reputation: 5685Reputation: 5685Reputation: 5685Reputation: 5685Reputation: 5685Reputation: 5685Reputation: 5685Reputation: 5685
Quote:
Originally Posted by Iyyappan View Post
Came across multiple forums where this suspicious domain issue is present only in Gsuite and in not in any other service providers. Incidentally my customer emails are hosted in Gsuite only. I too have another customer with exact requirement but I don't face any issue because they are using O365. Problem is faced only with Gsuite hosted customer. I tried the below.

1. Add my domain in include
v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 include:mydomain.com ~all

Post this the suspicious domain issue got fixed initially, but I tried again to provide feedback link, issue cropped again stating" this link leads to an untrusted site. Are you sure you want to proceed to mydomain.com?"

2. So I added my customer domain also in include
v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 include:mydomain.com include:differentdomain.com ~all

Post this customer started facing problem in their SPF configuration, so I had to revert back to old record "v=spf1 mx a ip4:x.x.x.x/32 ip4:x.x.x.x/32 ~all".

So am back to square one. My site is configured properly with SSL certificate and I have configured SSL certificates in my email servers also. I am still some mistake which I am unable to figure out where am doing it.
So you're trying to solve a problem that your customers are paying you to solve, but you're wanting us to solve it for free??? We aren't on your 'team', and have you read the "Question Guidelines" link? There are many ways to do this, but as bathory said, if you aren't the admin of those different domains, you won't be able to do ANYTHING about it.

https://support.google.com/a/answer/33786?hl=en

You also say nothing about version/distro of Linux, what mail system, or where exactly you're setting this SPF record, and unless you provide details, there isn't a lot we can tell you.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
hosting server SPF TXT record setup kitek Linux - Server 2 06-17-2012 07:30 AM
My SPF record is broken...how to fix in BIND? sneakyimp Linux - Server 6 03-05-2010 02:08 PM
Starting spf-milter: spf-milter: Milter for 'spf-milter' not found in /etc/mail/sendm Niceman2005 Linux - Software 1 07-06-2009 03:07 AM
SPF record question Sheridan Linux - Networking 0 02-16-2008 02:48 AM
SPF record macadam Linux - Security 4 05-03-2005 08:13 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 03:40 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration