Re: [exim] Is this against any rules in the RFCs?

Top Page
Delete this message
Reply to this message
Author: Avleen Vig
Date:  
To: Odhiambo G. Washington, exim-users
CC: 
Subject: Re: [exim] Is this against any rules in the RFCs?
On Mon, Jan 24, 2005 at 11:02:39AM +0300, Odhiambo G. Washington wrote:
> I hope you had a nice weekend!


Great thanks!

> Q1. Is that setup RFC-ignorant or RFC-legal as far as mail exchange on
>     the Internet is concerned? I'm in doubt, especially regarding
>     sender verifications and callouts.


There is nothing wrong with your setup.
Many organizations set up their mail like this.
It's very standard to have your mail go OUT through boxes which do not
accept email from the internet (ie, they are just relays).

> Q2. Must I publish this box as one of my MXes? The reason I am asking
>     this is because GMX.de (they use SPF) is already rejecting e-mails
>     sent via this server saying:


No. GMX.de are broken, very badly broken.
They're probably not accepting email from several major ISP's, including
AOL and Earthlink in the US, if this is the only reason they're not
accepting your mail.

> >A message that you sent could not be delivered to one or more of its
> >recipients. This is a permanent error. The following address(es) failed:
> >
> > XXXX.YYY@???
> > SMTP error from remote mailer after RCPT TO:<XXXX.YYY@???>:
> > host mx0.gmx.net [213.165.64.100]: 550-5.7.1 {mx054} The recipient does
> > not accept mails from 'wananchi.com' over foreign mailservers.
> > 550 5.7.1 According to the domain's SPF record your host '62.8.64.20'
> > is not a designated sender.
>
> Now, I published an SPF record for this box, without listing it as MX
> and GMX.de still rejected mail from it. It's only after I published it
> as an MX server that GMX.de accepted mail from it.


I can't find an SPF record for your domain. Can you show me what you
have so far?

> Is it a requirement that when you publish a host with SPF, then you must
> also have it as your MX?
> I would understand if a host rejected mail from smtp-out because it's
> not listed as MX for that domain, but I am in doubt as well.


No, you don't have to list it as MX, but you do need it in your SPF
record.
Eg I have:
silverwraith.com descriptive text "v=spf1 mx ip4:66.214.254.162 ~all"
Where "66.214.254.162" is one of my backup outbound relays.