How to create records for a domain?

A

Andrey Smirnov2016-01-11 10:41:25

SPF

Andrey Smirnov, 2016-01-11 10:41:25

The task on the script is to configure several smtp as far as I know in the domain that will be indicated as the sender, you need to specify all the ip from which the sending will go to spf and what to write there and how is ipv4 and ipv6 correct?
From which smtp should I make a dkim entry?
And in each smtp to prescribe spf with all ip
Relatively speaking, there is a task to
send from the domain domen.ru
there are 3 smtp
smtp1.ru
smtp.2.ru
smtp3.ru
How to configure all this correctly?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

V

Vladimir Dubrovin, 2016-01-11
@z3apa3a

1. Set up SPF
domain.ru. IN TXT "v=spf1 a:smtp1.ru a:smtp.2.ru a:smtp3.ru ~all"
(if the SMTP server provider has ready-made SPF records, it is better to include them via include)
2. select the DKIM selector, for example mail1 (you can choose different selectors for different SMTP, you can choose one common)
3. publish the DKIM key(s) for the selected selector(s)
mail1._domainkey.domen.ru. IN TXT ...
4. configure email signing with a paired key for the domen.ru domain with the selected selectors
5. Make sure that both the From: header and the SMTP envelope use the domen.ru domain. If, for example, a return address like [email protected] is substituted in the envelope, then SPF will pass, but the DMARC check through SPF will not pass, because the SPF domain is not aligned with the domain in From:. Send a test email, make sure that SPF and DKIM pass specifically for the domen.ru domain.
6. Publish DMARC
_dmarc.domen.ru. IN TXT "v=DMARC1;p=none;rua=mailto:[email protected];ruf=mailto:[email protected];fo=1;"
follow the incoming reports.
If necessary, if everything is fine, then you can switch to the restrictive DMARC policy (replace p=none with p=reject).