Advertisements
We will use the domain www.linuxhelp.in. I use Google apps for the mail. So first we will check whether any SPF record exists for this particular domain. Using the dig command.
randeep@Randeep:~$ dig -t TXT linuxhelp.in
; <<>> DiG 9.8.1-P1 <<>> -t TXT linuxhelp.in
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58099
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;linuxhelp.in. IN TXT
;; ANSWER SECTION:
linuxhelp.in. 18219 IN TXT "google-site-verification=mpd2aD7gfdfdfsdfdsm07_y3dffdfdTyHkoOI"
;; Query time: 49 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Feb 16 12:19:21 2014
;; MSG SIZE rcvd: 111
randeep@Randeep:~$
In the above lines its clear that there is no SPF records present.
You can also verify the score or spf/dkim records by sending mails to service providers like port25.com. Just send a mail to their address from an email account of the domain you want to check the records.
If no records are present, the report will look like this.
The Port25 Solutions, Inc. team
==========================================================
Summary of Results
==========================================================
SPF check: neutral
DomainKeys check: neutral
DKIM check: neutral
Sender-ID check : neutral
SpamAssassin check: ham
==========================================================
As I'm using Google apps for mails, I'll add Google apps as the authorized entity to send emails for my domain. Google has described it here. We need to add it in the TXT record field in your domain registrar account (godaddy/bigrock etc.)
After adding the record you can recheck the record using dig command. But it may take some time to update the dns.
randeep@Randeep:~$ dig -t TXT linuxhelp.in
; <<>> DiG 9.8.1-P1 <<>> -t TXT linuxhelp.in
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17491
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;linuxhelp.in. IN TXT
;; ANSWER SECTION:
linuxhelp.in. 20877 IN TXT "google-site-verification=mpd2aD7g2Ddf1j7M_phLt_jdm0fdsgggtkzTyHkoOI"
linuxhelp.in. 20877 IN TXT "v=spf1 include:_spf.google.com ~all"
;; Query time: 42 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Feb 16 11:57:51 2014
;; MSG SIZE rcvd: 159
randeep@Randeep:~$
Now we can see that the SPF record appeared in the TXT field.
If you try the email verification now, you will get the report as below.
The Port25 Solutions, Inc. team
==========================================================
Summary of Results
==========================================================
SPF check: pass
DomainKeys check: neutral
DKIM check: neutral
Sender-ID check: pass
SpamAssassin check: ham
==========================================================
Well,
What if you use more than one MTA for sending mails. In my case, I use Google app for mails. But for sending bulk mails, I use Amazon SES. So I have to add the amazon host also as the authorized host to send the mails for my domain. It can be done by using "include".
SPF syntax are explained here.
Amazon SES documentation for SPF here.
After you add both, you can verify the same using the dig command.
randeep@Randeep:~$ dig -t TXT linuxhelp.in
; <<>> DiG 9.8.1-P1 <<>> -t TXT linuxhelp.in
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41127
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;linuxhelp.in. IN TXT
;; ANSWER SECTION:
linuxhelp.in. 21599 IN TXT "v=spf1 include:_spf.google.com include:amazonses.com ~all"
linuxhelp.in. 21599 IN TXT "google-site-verification=mpd2aD7g2Ddf1j7M_phLtdsfdfdT8tkzTyHkoOI"
;; Query time: 356 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Feb 16 12:11:44 2014
;; MSG SIZE rcvd: 181
randeep@Randeep:~$
No comments:
Post a Comment
Be nice. That's all.