On Mon, 2010-08-02 at 22:13 -0400, donovan jeffrey j wrote: > Greetings > > i have an internal dns server it resolvs all my queries from the inside. > I have a mail system requesting an spf record. Should i add the same record > on the inside as i do for the outside ? i don't want internal address space > to mess with external. > > i would say just place it on my external dns. But it's an internal content > filter that is asking for the record, so then shouldn't place it on the > inside? > > any insight suggestions and flames welcome >
Hi, Why not have internal clients use smtp auth on submission only, and bypass spf (and other anti uce) tests? If postfix (since its the MTA used in your post, youm likely are), use: submission inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=reject_unknown_sender_domain,reject_unknown_recipient_domain,permit_sasl_authenticated,reject -o receive_override_options=no_milters But anyway, when I ran split views, I used spf on internal range using the int IP, but used ~all in place of -all (which I use on externals). Cheers Noel
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
