This document sets out some basic info on how to integrate our DNS and Dyn Email services with SPF (Sender Policy Framework). For more info on SPF, vist http://www.openspf.net/.
DuoCircle Standard SMTP
Customers using only our DuoCircle Standard SMTP service to send mail for their domain may want to add an SPF record for their domain listing our server as permitted to send mail for their domain.
"v=spf1 include:outbound.mailhop.org ~all"
This will let you piggy back on the SPF record which we in turn publish for outbound.mailhop.org.
We strongly recommend that you use the -all default mechanism instead of ~all, if possible. This stricter default mechanism will cause any mail coming from IPs not explicitly included in your SPF record to be rejected at it's destination, providing better protection against spoofing. Prior to switching your SPF to -all you should ensure that your SPF record includes every provider you legitimately use to send mail; that mail will be lost if you do not.
If you receive an error when validating your SPF record in the client area, please refer to the KB on Common SPF Verification Problems.
Problems with too many SPF records?
If you are using the DuoCircle SPF records in conjunction with another provider there is a chance that you will exceed the 10 lookup limit. In this instance you will need to flatten your SPF record.
DuoCircle Email Gateway and Backup MX
Customers using our DuoCircle Email Gateway or Backup MX services and who have setup SPF testing on their end, will want to configure their systems to “skip” our servers.
In order to maintain the reliability of the DuoCircle Email service, it may (will) be necessary to add/move machines providing this service from one location to another. Please use the SPF records and not the IP addresses of the servers.
The only thing we can promise with respect to this service is that all mail will be delivered from IP addresses which have proper reverse and forward DNS within the mailhop.org domain.
Please see the documentation for your MTA and /or SPF implementation for info on how to skip IP addresses when performing SPF tests.