I have the following settings in my default server template:
Add SPF DNS record?: Yes, with server’s IP address
Additional SPF IPs and hostnames: empty
Additional SPF included domains: empty
Does SPF record cover all senders?: No
Additional named.conf directives for new zones: None
And it adds Named directive like
mydomain.tld. IN TXT “v=spf1 a mx a:mydomain.tld ip4:xxx.xxx.xxx.xxx ?all”.
However I often see my domain names are used for spamming. For example today morning I received bounced to me e-mail message:
Received: from 22.214.171.124.triolan.net (unknown [126.96.36.199])
by mx1.spamarrest.com (Postfix) with ESMTP id DE056E2CC20
for firstname.lastname@example.org; Tue, 20 Dec 2011 13:43:59 -0600 (CST)
Received: from [188.8.131.52] ([184.108.40.206] helo=localhost.localdomain)
by web.ilnipi.net (envelope-from email@example.com)
(ecelerity 220.127.116.114341 r(49957)) with ESMTP
id 42zx-93-69115; Tue, 20 Dec 2011 09:41:50 +0200
Date: Tue, 20 Dec 2011 09:38:13 +0200
From: “Best-Penis” firstname.lastname@example.org
Subject: Max-Gentleman Enlargement*Pills
Received-SPF: neutral(mydomain.tld: 18.104.22.168 is neither permitted nor denied by domain of mydomain.tld)
I really need to stop this Penis Enlargment crap using my domain name, but not sure how exactly. Any ideas where and to what I need to change to make SPF stricter?
Additionally, I have a separate template for the virtual servers, which use Google Apps. For them per instructions on http://support.google.com/a/bin/answer.py?hl=en&answer=178723 I’d like to change SPF record to: “v=spf1 include:_spf.google.com ~all”. But where and how?