I have been experimenting with SPF records to improve SPAM protection. I'm having a specific problem with emails that I have sent to a large system when a couple of months later after sending to them I get a message back through cPanel with a Norton removal notice, using the recipient's REPLY-TO address as the sender (an easy hack, I know after 20 years), mumbo jumbo as part of the message and clearly a template containing {FRIEND:FORM} FRIEND:EMAIL} etc. The larger company swears that their system is correct but when I run a mail test and general DNS test I get a 100%. I pass an EICAR Anti-Virus test.
My SPF records, which are the defaults for my server, are clear:
v=spf1 +a +mx +ip4:{my server IP} ~all
I have a default DKIM record.
But the other side is way more than I know.
rimsd.example.com. 21599 IN TXT "v=spf1 a:email.rimsd.example.com a:cmail2.sbcss.example.com a:cmail4.sbcss.example.com a:bnfilter1.sbcss.example.com a:bnfilter2.sbcss.example.com include:spf.protection.outlook.com ~all"
I'm like, what????
So the question is: 1) Do I need to improve, since I'm clearly getting mail harvested on one end or the other and sent back to me, and 2) what should my SPF/DKIM records be changed to? I use the defaults.
Thanks in advance. I'm coming from Plesk v8.x through 17.5.x and stuff has changed.
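An added example, not part of the original post: a small Python parser that breaks the two SPF records quoted above into their terms and counts the top-level terms that cost a DNS lookup (RFC 7208 allows 10 per evaluation). The function names `parse_spf` and `lookup_count` are hypothetical, and `192.0.2.10` is a constructed stand-in for the post's `{my server IP}`.

```python
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
# Terms that each trigger a DNS query; RFC 7208 caps these at 10 per evaluation.
LOOKUP_TERMS = {"a", "mx", "include", "exists", "ptr", "redirect"}

def parse_spf(record):
    """Return [(result, name, value), ...] for one SPF TXT string."""
    terms = record.strip().strip('"').split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record: it must start with v=spf1")
    parsed = []
    for term in terms[1:]:
        qualifier = "+"  # a mechanism with no prefix means "+" (pass)
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        head = term.partition("=")[0]
        if "=" in term and ":" not in head and "/" not in head:
            name, _, value = term.partition("=")     # modifier, e.g. redirect=
            result = "modifier"
        else:
            name, _, value = term.partition(":")     # mechanism, e.g. a:host
            name, slash, cidr = name.partition("/")  # bare "a/24" or "mx/24"
            value += slash + cidr
            result = QUALIFIERS[qualifier]
        parsed.append((result, name.lower(), value))
    return parsed

def lookup_count(parsed):
    """Count top-level DNS-querying terms (lookups inside an include are extra)."""
    return sum(1 for _, name, _ in parsed if name in LOOKUP_TERMS)

# Constructed input: the post's default record with a documentation IP filled in.
MINE = "v=spf1 +a +mx +ip4:192.0.2.10 ~all"
# The recipient-side record exactly as quoted in the post.
THEIRS = ("v=spf1 a:email.rimsd.example.com a:cmail2.sbcss.example.com "
          "a:cmail4.sbcss.example.com a:bnfilter1.sbcss.example.com "
          "a:bnfilter2.sbcss.example.com include:spf.protection.outlook.com ~all")

if __name__ == "__main__":
    for label, record in (("mine", MINE), ("theirs", THEIRS)):
        parsed = parse_spf(record)
        print(f"{label}: {lookup_count(parsed)} top-level DNS lookups")
        for result, name, value in parsed:
            print(f"  {result:9} {name} {value}".rstrip())
```

Both records end in `~all`, so mail from a host that matches none of the listed terms is a softfail, not a hard fail.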