Linode.com Forum

[l9nux]

Hi all,

I'm running CentOS 5 with Sendmail, and it's configured to forward any mail to my domains (e.g. mydomain.com) to another email address. I also send mail from this server, but also from my home ISP's SMTP servers.

Can I use SPF in this case? I'm fairly new to it, so I need to understand it a bit better. I want to use SPF so I can increase my chances of delivering mail to the likes of Yahoo, AOL and Hotmail.

I use Linode's DNS, so when I do a reverse lookup on my IP it resolves to the Linode host name (rather than my domain name). In this case, do I include the Linode host name in the SPF record?

Any help would be much apreciated.

Ray

[irgeek]

First things first. You can fix the rDNS of your Linode IP very easily. Set up an A record for the name you want your IP to resolve to then go into the Dashboard -> Utilities -> Reverse DNS Manager to set up rDNS.

Secondly, one of the huge advantages (in my opinion) of running a Linode is that you don't need to rely on your ISP's outbound SMTP. It's pretty easy to set up any modern MTA to use TLS & authentication. Then you just set up your mail clients to route through your Linode at all times. That makes your SPF record very easy: "v=spf1 mx -all" If your ISP is blocking outbound access on port 25, no problem. Set up your MTA to listen on a second, unblocked port. No more problem! I've done it like this for years and it makes dealing with email from my laptop so much better.

Anyway, that's my $0.02

--James

[SteveG]

Yes, you can have multiple servers listed in your SPF record. Check http://www.openspf.org/ for more info than you can stand.

And yes, setting *all* your mail to go through your linode instead of using your ISPs servers is not too hard. I'm too stupid to figure out TLS (well, not TLS itself, but the morass that is SASL ("Simple" my a**!)), but UUCP works nicely!

[sweh]

UUCP over SSL, at that, if you want to do it properly. Very easy with stunnel (for incoming) and openssl (for outgoing) wrappers.
Code: % cat /etc/stunnel/stunnel.conf
cert=/etc/stunnel/stunnel.pem

[uucp]
accept = 12345
exec = /usr/sbin/uucico
execargs = uucico -l

Code: % cat /etc/uucp/port
port ssl-remote
  type pipe
  command /usr/bin/openssl s_client -connect remote_machine:uucp-ssl -quiet

(where "uucp-ssl" is defined in /etc/services to match the stunnel config)

Code: % cat /etc/uucp/sys
call-login *
call-password *
commands /usr/bin/rmail
max-remote-debug none

system remote
  time Any
  # port tcpip
  port ssl-remote
  address remote-machine
  chat-seven-bit false
  chat ogin: \L ssword: \P
  called-login Uremote
  chat-timeout 60

(The rest of the UUCP config goes as normal with /etc/uucp/passwd, and /etc/uucp/call)