DTNX Postmaster wrote:
On Oct 18, 2012, at 11:20, Nick Rosier wrote:
David Mehler wrote:
Hello,
Does anyone publish SPF records for IPV6 in DNS? The reason I ask is
my mail server has both an IPV4 and an IPV6 address and when
connecting to it via webmail that goes to localhost, it seems as if
the outgoing connection is either IPV4 or IPV6 depending on whether
that localhost connection got the v4 or v6 address first. I've got an
IPV4 SPF record which works fine and validates. On the IPV6 side that
one doesn't and when reading headers it says so. I'd like to fix this.
I've got an SPF records as following:
bunbun.be. 86400 IN SPF "v=spf1 a mx ptr
ip6:xxxx:xxxx:xxxx/64 -all"
Haven't noticed any problems.
You should not need to publish IPv6 specific SPF records, if your DNS
is set up correctly for both your IPv4 and IPv6 addresses.
From the example above;
==
$ dig +short mx bunbun.be
1000 mx.fakemx.net.
1 mail.rkfomh.net.
$ host mail.rkfomh.net
mail.rkfomh.net has address 87.98.252.31
mail.rkfomh.net has IPv6 address 2001:41d0:1:c831::1:1
==
If that's the IPv6 address Postfix uses to send mail, the simplest form
of SPF record would be;
"v=spf1 mx -all"
Provided it's the only source of mail for this domain etc.
It's not the only possible source of mail so I am/was playing safe.
David, please provide some data that documents your problem; what is
your SPF record, what are the headers that you are reading, and so on?
Nick, please validate your SPF record, because the published one for
that domain results in a Permerror.
Can you indicate how to specify an IPv6 subnet? Not sure if I need it
but I have some other hosts which can send mail.
N.
