POSTFIX SERVER
PART 5 – Adding SPF (TXT) Record
We need to add SPF record to the mail domain. You may ask why are we doing this? The reason is that without SPF records, mail can experience all kinds of issues such as mail being bounced back, blacklisted, causing the company to lose business. Therefore, we need to take care of our DNS records for the mail server. Besides the MX record, we need to have an SPF (TXT) record and an SRV record in place too. In this section, I will show you how to create an SPF (TXT) record for the mail domain.
Step 1: Find out the current SPF record.
Step 2: Generate an SPF record
Visit www.spfwizard.net.
Enter the following information
domain = dalaris.com
Allow servers listed as MX to send email for this domain = Yes
Allow current IP address of the domain to send email for this domain = Yes
Allow any hostname ending in dalaris,cin ti send email for this domain = No.
How strict should be the servers treating the emails = SoftFail
Note the DNS entry on top
Copy the value between the quotes (not including the quotes.
v=spf1 mx a ip4:216.123.169.86/32 ~all
Step 4: Add an SPF (TXT) record in DNS
Now in your public DNS, add the record (an SPF is a TXT record). Wait for the DNS replication to take place and then test.
Step 5: Verify DNS
To test, use this URL:
http://www.kitterman.com/getspf2.py
If DNS has not been updated yet, the SPF record will return as invalid.
Once the DNS has been replicated, you can see that the SPF record shows valid. Please use NSLOOKUP to check the record as well.