Maybe you mean: 'innovation1' or 'content-zoom5' or 'okta-test'
Postini Enable SPF Check
Users can enable SPF check for their organizations to tackle source address spoofing.
However, Postini recommends that for inbound mail flow to an organization, they do not need to setup SPF as most of the spam is quarantined by the Postini Email Security Service. If you want to enable SPF for just the inbound mail processing in Postini, you need to setup your mail server so that it accepts mail flow from Postini IP ranges only. This way emails originating from destinations other than Postini will be blocked.
If you do not use SPF to check inbound email, then you do not need to make any configuration changes for SPF to influence your inbound traffic. If you wish to use SPF, or do so and wish to continue, it will be necessary to configure your SPF records to include the Postini IP ranges.
It should not be necessary to use SPF on your incoming traffic. Instead, protect your mail servers from spammers bypassing Email Security by locking down your firewall to accept only incoming message traffic from Postini.
Postini has investigated SPF and has decided not to implement it as a feature for inbound mail processing. Implementing SPF would add significant processing overhead without adding any appreciable effectiveness to the spam filtering. Almost all mail that would be blocked by SPF are also identified as spam by our spam filters.
In addition, Postini tracks the IP addresses of Fortune 500 corporations and the most popular internet sites. Adding these domains to the Approved Senders list, particularly at the organization level, is not usually needed and can result in spam appearing to be sent from those domains inadvertently getting to users’ mailboxes. For this reason, Postini recommends against using the Approved Senders list in this way; rather, it should be used only for mail from senders that has previously been falsely quarantined as spam.
Sender Policy Framework (SPF) records allow domain owners to specify which hosts are permitted to send email on behalf of their domains. Normal SMTP allows any computer to send an email on behalf of any domain. Thus, it’s easy for spammers to send emails with forged From: addresses. SPF allows a domain owner to use a special format of DNS TXT records to specify which machines or hosts are authorized to transmit email for their domain, making it difficult to forge From: addresses.
For example, if you own the domain example.com, you can designate which hosts are authorized to send email originating from email@example.com. Your recipient’s servers will then identify the origin of your message by checking the SPF record.
Setting up SPF DNS entries as follows will minimize non-deliveries through outbound. Use this if you ONLY send your outgoing messages via email security outbound services:
domain.com. IN TXT “v=spf1 ip4:126.96.36.199/20 ip4:188.8.131.52/20 ip4:184.108.40.206/22 ip4:220.127.116.11/22 ~all”
You only need to enter one of the four IP ranges, depending on your system number or location. The 18.104.22.168/20 range is for customers in the US on systems 5, 6, 7, 8, and 20; the 22.214.171.124/22 range is for customers on systems 9, the 126.96.36.199/22 range is for customers on systems 10, while the 207 range is for customers on systems 20, 200, and 201 in the UK. If you do not route all of your outbound mail through the message security service, you’ll need to add any additional IP ranges from which users at your domain send mail.
Example of a customer on system 9 using SPF for outbound in the US: example.com. IN TXT “v=spf1 ip4:188.8.131.52/22 ~all”
You do not need to make any configuration changes to your SPF settings for inbound traffic unless you are using SPF on your incoming mail traffic. In this case, add the following to your SPF record to allow notifications to be delivered:
domain.com. IN TXT “v=spf1 ip4:184.108.40.206/20 ip4:220.127.116.11/20 ip4:18.104.22.168/22 ip4:22.214.171.124/22 include:spf.postini.com ~all”
Note: Publishing an SPF record that lacks include:spf.yourdomain.com or specifying -all instead of ~all may result in delivery problems.
If you send outgoing mail via your own mail servers, you can use the SPF wizard to find out how to add your servers to the SPF entries described above:
Publishing an SPF record following the format described by the SPF wizard should have no impact on your inbound mail flow through the security service.
SPF Query Tool: