This is my current SPF record. It works well with gmail and yahoo but hotmail was ignoring. So i used their submit system and now they replied me with the text below.
This is my current spf
v=spf1 a mx ptr ~all
Now this is hotmail message
We have successfully added your domain to the Sender ID program. This may take up to 2 business days to be fully replicated in our systems. If you have any questions regarding this please let me know.
We reviewed your SPF record and note that it includes the "ptr" or reverse DNS lookup mechanism. The specification for SPF records (RFC 4408) discourages use of "ptr" for performance and reliability reasons. This is especially important for Windows Live Mail, Hotmail and other large ISPs as a result of the very high volume of mail we receive each day. We highly recommend you remove the "ptr" mechanism from your SPF record and, if necessary, replace it with other SPF mechanisms that do not require a reverse DNS lookup, such as "a", "mx", "ip4" and "include." This will help ensure that Sender ID validation is performed as accurately as possible, maximizing your email deliverability while protecting your domain from spoofing.
So my question is simple. What is the corrected way of it to make it as hotmail wants. Thank you.
Hotmail received email from my server headers
Authentication-Results: hotmail.com;
sender-id=temperror (sender IP is 85.17.154.139)
[email protected];
dkim=pass
header.d=monstermmorpg.com;
x-hmca=pass
X-Message-Status: n:0:n
X-SID-PRA: MonsterMMORPG <[email protected]>
In your case, the same string you're using minus the
ptrshould do the trick.The first question you need to ask yourself is, "From how many domains am I sending email from?".
In this case, you are only sending email from one domain, namely monstermmorpg.com. The "@" in your screenshot refers to the ORIGIN, which is the domain that your zone file covers (presumably also monstermmorpg.com). The next question you ask is, "Do the A/MX/etc. records associated with the name that your TXT SPF record is pointing to point to the IP that sends mail?" For example, let's say your DNS zone looks like this...
In this case, if 85.17.154.139 is the public IP for the server that sends mail, you can change your SPF record to this...
This means that it takes the A record that corresponds with the TXT record and checks to see if it matches the IP in the emails supposedly sent from your domain. If it's a match, awesome! It goes through. If it doesn't match, it means some spammer is masquerading as your domain, and it will be dropped. You don't need to put redundant A and MX references in the SPF record if there's only one server sending mail, and both records ultimately point to the same IP. Another (more efficient, because it doesn't require a DNS lookup) option is as follows...
If your mail server IP rarely changes, this may be a good solution. It's also much easier to understand from your (the admin's) perspective.
The hard
-allis preferred over the soft~allbecause some mail servers like to be 100% certain that the mail is really coming from you.if you're not familiar with creating spf records i'd recommend a tool that does it for you based on a series of questions. for example, http://unlocktheinbox.com/spfwizard.aspx