[Cialug] RFC & best practices for mail server hostnames?
Barry Von Ahsen
barry at vonahsen.com
Fri Feb 1 14:00:29 CST 2013
On Feb 1, 2013, at 1:13 PM, L. V. Lammert wrote:
> At 12:55 PM 2/1/2013, Dave Weis wrote:
>>
>> [djweis at charmed ~]$ nslookup -type=txt statefarm.com
>> Server: 67.224.64.31
>> Address: 67.224.64.31#53
>>
>> Non-authoritative answer:
>> statefarm.com text = "v=spf1 ip4:12.34.246.0/24 ip4:204.94.39.0/24 ip4:204.118.102.0/24 ip4:205.166.218.0/24 ip4:205.242.228.0/23 ~all"
>
> Ahh, .. but those are not MX records, are they? The point at that time (I believe) was that mail41 did not have an MX record.
>
> ;; ANSWER SECTION:
> statefarm.com. 1200 IN MX 5 mail3.statefarm.com.
> statefarm.com. 1200 IN MX 5 mail4.statefarm.com.
> statefarm.com. 1200 IN MX 5 mail5.statefarm.com.
I think what he's saying is MX is how you get mail to State Farm, not how they'll get it to you. it used to be that inbound server==outbound server, and often still is for SMBs, but orgs like SF are going to have their own mailservers, plus marketing/ad agencies, constant contact/mailchimp, salesforce, etc sending on their behalf. if you're going to reject when sender != MX, there could be a lot of legitimate(ish) mail lost. which is where SPF and dkim come in
I just got a request to whitelist one company that included 7 class Cs and 3 /26s (and a bunch of individual IPs)
-barry
More information about the Cialug
mailing list