Tag Archives: spf

Technical

SPF challenges continued

Getting email accepted by another domain has become quite a headache for systems administrators. Because of security issues, mail servers have had to clamp down on who exactly will be permitted to send mail to their users. I’m still encountering intermittent problems with some domains accepting our emails; although the big offenders like AOL and MSN/Hotmail have been largely resolved with the simple addition of SPF records to our DNS zones. However, two more providers have cropped up in my attempts to get my users open email access everywhere. Some ISPs such as consolidated.net have a baffling bounceback message either referencing an old (perhaps retired) RBL server or a cryptic, generic refusal. Whereas GoDaddy, one of the biggest domain registrars out there, has some strict requirements and configurations that I’m still trying to guess at.

I’ve added via WHM more SPF records via TXT type to not only the main domains and parked domains, but also to their nameserver records and to the hostname DNS records as well. Anything that has the remote chance of showing up in a header check now has a SPF record. Here’s to hoping I made some progress.

Technical

Hotmail…what a pain

I’ve had the joy of trying to figure out why certain domain emails aren’t reaching certain users, especially Hotmail. Granted, SPF records and reverse DNS needed to be set up, but all the research and hard work are not paying off in the case of Hotmail/MSN/Live (all Microsoft brands) using a competing framework. All research points to SPF and SenderID not playing nice with each other…and Hotmail’s response? Starting at a mere $200, you can become a certified sender (Sender Score Certification) and reach over 3 billion inboxes.

I’ve found OpenSPF’s record wizard, Microsoft’s SenderID wizard (which appears to publish the exact same thing) and the SPF Query Tool helpful in setting up the correct DNS content. The following article also made this change easy. Since DNS Stuff went pay-for-service, I’ve had to resort to free DNS check tools like MXToolbox to look up things like reverse DNS and blacklist records.