If I have three mail servers MS1, MS2 and MS3 all with different IPs but share the same domain name (exampledomain.com) and I use an SPF record to specify them, how would reverse DNS work on the server receiving mail from any of my mail servers since each of them would resolve to a different IP? Or would the receiving server have to check against the SPF records instead?
2 Answers
Never name your mail servers (or any other server) with the naked domain name. This will break a lot more stuff than forward confirmed reverse DNS lookups.
Each server should have its own unique name which is a subdomain of your domain, and for which the reverse DNS points back to that name.
-
Ah I see, but if you used a subdomain, is there still a purpose of having a SPF record, since all it needs to say is which mail servers are permitted to send email on behalf of them? Commented Nov 2, 2016 at 3:20
-
@leeeennyy The SPF record says what servers can send mail on behalf of your domain. If you intend to send mail, you should have one; if there is no SPF record it's assumed that you don't care who sends mail for your domain. Commented Nov 2, 2016 at 3:22
-
Perfect. Thanks for clarifying this up/teaching me new things Michael! Commented Nov 2, 2016 at 3:26
A configuration example for 3 mail servers:
A Records
ms1.exampledomain.com => 125.1.1.1
ms2.exampledomain.com => 125.2.1.2
ms3.exampledomain.com => 125.3.1.3
PTR Records
125.1.1.1 => ms1.exampledomain.com
125.2.1.2 => ms2.exampledomain.com
125.3.1.3 => ms3.exampledomain.com
MX Records
exampledomain.com => ms1.exampledomain.com
exampledomain.com => ms2.exampledomain.com
exampledomain.com => ms3.exampledomain.com
TXT Records
exampledomain.com => "v=spf1 mx -all"
The SPF record is related to the MX records: every additional mail server in your domain's MX records is allowed to send.
You can check whether the configuration is valid with one of these services
-
Hello, if I have two identical names for different IPs, when one is down will the other take over the service without problems? A Records smtp.exampledomain.com => 125.1.1.1 smtp.exampledomain.com => 125.2.1.2 Commented May 26, 2023 at 20:07
-
No, this is wrong. Read again the answer you are commenting under, it shows the correct DNS setup. Also read the accepted answer: never have identical names for different mail servers. In mail, if you want takeover, make several MX records with different weights (these aren't shown; the least weight numerically will be tried first). Commented Jun 1, 2023 at 10:05
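An added example, not part of either answer: the two checks a receiving server can make against the record set in the second answer, run over an in-memory copy of that zone so it works offline. Forward-confirmed reverse DNS is evaluated per connecting IP, while SPF is evaluated against the sender's domain; the function names and the address 125.9.9.9 are assumptions made for the illustration, and only the `mx` and `all` SPF mechanisms are handled.

```python
import ipaddress

# Constructed zone data mirroring the records in the second answer.
A = {
    "ms1.exampledomain.com": ["125.1.1.1"],
    "ms2.exampledomain.com": ["125.2.1.2"],
    "ms3.exampledomain.com": ["125.3.1.3"],
}
PTR = {
    "125.1.1.1": ["ms1.exampledomain.com"],
    "125.2.1.2": ["ms2.exampledomain.com"],
    "125.3.1.3": ["ms3.exampledomain.com"],
}
MX = {"exampledomain.com": list(A)}
TXT = {"exampledomain.com": "v=spf1 mx -all"}


def fcrdns(ip):
    """Return the PTR names whose A records include ip (forward-confirmed)."""
    return [name for name in PTR.get(ip, []) if ip in A.get(name, [])]


def spf_check(ip, domain):
    """Evaluate only the 'mx' and 'all' mechanisms of the domain's SPF record."""
    terms = TXT.get(domain, "").split()
    if not terms or terms[0] != "v=spf1":
        return "none"  # no SPF record published
    results = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    addr = ipaddress.ip_address(ip)
    for term in terms[1:]:
        qualifier, mech = (term[0], term[1:]) if term[0] in results else ("+", term)
        if mech == "mx":
            hosts = MX.get(domain, [])
            if any(addr == ipaddress.ip_address(a) for h in hosts for a in A.get(h, [])):
                return results[qualifier]
        elif mech == "all":
            return results[qualifier]
    return "neutral"  # no mechanism matched


def receive(ip, mail_from_domain):
    """What a receiving server learns about a connection from ip."""
    return {"fcrdns": fcrdns(ip), "spf": spf_check(ip, mail_from_domain)}


if __name__ == "__main__":
    for ip in ("125.1.1.1", "125.3.1.3", "125.9.9.9"):  # last IP is not in the zone
        print(ip, receive(ip, "exampledomain.com"))
```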