I just set up my first ever email server and I’m proud of myself! 😊 Do you have any advice to avoid common problems? I mean something beginners often do that they shouldn’t. Thanks!

  • emhl@feddit.de
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    What’s the reason for using IPs instead of domain names for SPF and MX?

    • z3bra@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Because it’s the simplest form of mechanism for SPF, and the most understandable in my opinion.

      a and mx mechanisms are just ip4/ip6 with extra resolving steps and more complex rules. For a selfhosted setup where you only have a single IP address, this is the most straightforward

      As an example, try to guess which one of these SPF records will or will not pass SPF, given that the IP address sending emails is 1.2.3.1:

      $ORIGIN domain.tld.
      $TTL 1d
      
      @        SOA      pluto.domain.tld. admin.domain.tld ([])
                NS      pluto.domain.tld.
                NS      saturn.domain.tld.
                MX 10   mx.domain.tld.
                 A      1.2.3.5
               TXT      "v=spf1 a -all"
               TXT      "v=spf1 mx -all"
               TXT      "v=spf1 ip4:1.2.3.1 -all"
      
      jupiter    A      1.2.3.1
      pluto      A      1.2.3.2
      saturn     A      1.2.3.3
      venus      A      1.2.3.4
      
      mx     CNAME      jupiter.domain.tld.