This is a bit OT, but... You specify in an SPF (TXT) record your outbound MTAs, the ones that everybody outside of your organization will see your mail sourced from. If it goes through a third-party outsourced provider, you put the provider's MTAs in your record (best via an include:). If your marketing people use a third-party spammer^H^H^H^H^H^H^H provider for sending e-mail blasts, you also put those MTAs in your record (again, best via an include:). Leave your internal relays out of the record, nobody outside sees them or cares about them. (This is a specific short-coming of SPF, it doesn't really work with forwarding and relaying.) If you can't work around your forwarding / relaying issues, think about using DKIM to sign your messages. DKIM doesn't care how mail gets delivered as it's not tied to MTA IP addresses like SPF is and is thus forwarding and relaying insensitive.
See openspf.org and dkim.org for more details. Regards, Mike -- Michael Milligan -> mi...@acmeps.com _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
