To verify the validity of an SPF record installed for a domain, go here:
put the domain in the form for “Does my domain already have an SPF record? What is it? Is it valid?”, and submit. This will detect many issues, including issues which the syntax checker further down does not catch.
To do a deep study of a bounceback, the best tool this writer has ever seen is here:
in the Message Analyzer tab. Just paste every header you have into there and submit, and then read. Lots and lots of excellent information comes up.
It runs in the background on server, desktop, or laptop (Windows, Linux, or Mac), and it translates native Exchange protocols into that which Thunderbird and appropriate add-ins handle very well. In other words, it acts as a live bridge between Exchange protocols and Thunderbird with Lightning, for contacts and calendar. The instructions are thorough and functional.
Recently it has come to light that the following need to be added to SPF records for email-enabled domains using Constant Contact:
include:ccsend.com include:constantcontact.com include:confirmedcc.com
A few methods:
The first two have free-of-charge tiers.
A Microsoft reference is here:
with further notes here:
This has to be set at the Internet level only. We’ll use “domain.com” as the domain name, just replace it with yours.
- If there are any A or CNAME records pointing to “autodiscover.domain.com”, delete them. If the cert for your server uses “autodiscover.domain.com”, change it to something else, e.g., “remote.domain.com”.
- If there are any A or CNAME records pointing to “*.domain.com”, an asterisk for global, you’ll have to remove them too. You will need to replace with multiple specific records, or a subdomain, if you’re using a global configuration.
- In your Internet DNS, create a new SRV record:
At Network Solutions, the “Service” pulldown needs to have “_autodiscover”, the “Protocol” pulldown needs to have “_tcp”, “Priority” and “Weight” need to be zero, the “Port” needs to be 443, and the “Target” needs to be the A record name used in the MX record, e.g., “mail.domain.com”.
At GoDaddy, “Service” needs to contain “_autodiscover”, “Protocol” needs to contain “_tcp”, “Name” needs to contain “@”, “Priority” needs to be 0 (zero), “Weight” needs to be 0 (zero), “Port” needs to be 443, and “Target” needs to be the A record name used in the MX record, e.g., “mail.domain.com”.
You can test the setup with nslookup:
nslookup -querytype=SRV _autodiscover._tcp.domain.com
The result should be approximately thus:
_autodiscover._tcp.domain.com SRV service location:
priority = 0
weight = 0
port = 443
svr hostname = mail.domain.com
Something new, an Internet email whitelist: