9

I'm setting up an email server, and I'm a bit confused by SPF. Following some examples, I set my SPF record as follows...

v=spf1 mx ip4:1.2.3.4 mx:mail.mydomain.com ptr:1.2.3.4 -all

I follow what most of that means, but why is MX in there twice? I assume the second MX means, "This is a mail server for this domain." Am I right on that?

And either way, what does the first MX mean? Does it just indicate anyone checking should look at the MX records stored apart from the SPF TXT record? And, if so, is the MX:mail.mydomain.com redundant with the actual MX records?

Dan Repperger
  • 101
  • 1
  • 1
  • 3

1 Answers1

13

The first MX means that the IP addresses in the MX record(s) for the domain you're actually attaching the SPF record to should be accepted as valid. The second one means that IP addresses in the MX record(s) for the domain mail.mydomain.com should be accepted as valid. If this SPF record is for the domain mail.mydomain.com, then the second one is redundant. However, if the SPF record is for mydomain.com, then the second MX is not redundant.

Mike Scott
  • 8,228