https://mxtoolbox.com/SPFRecordGenerator.aspx

Why would you need an Xtra SPF when sending via a domain email address? You should use the domain email address SPF? Or do they not have one so you use an unrelated sending server, i.e, Xtra?

tdgeek:

 

Why would you need an Xtra SPF when sending via a domain email address? You should use the domain email address SPF? Or do they not have one so you use an unrelated sending server, i.e, Xtra?

 

If you just start sending emails from any old IP address, such as your own or the one associated with your domain, you find that because it is not a recognised SMTP sender a lot of other SMTP servers will block it.  This is because there used to be (still are?) malware infections that send directly from infected machines, as fast as the Internet connection allows.  And misconfigured home SMTP servers that permit relaying and end up relaying millions of SPAMs.  So if, like me, you have your own domain and want to send emails using it from your own SMTP server, you have to relay all outbound traffic via a recognised SMTP server.  If you are lucky (as I am with 2Degrees), your ISP will have an SMTP server you can use for this.  If not, then you will likely have to find a server somewhere that you can pay to use.  For my backup MX service, I use dynu.com, and if I needed it, I could pay them to be my outbound SMTP relay for a very reasonable cost.

So as you are relaying the emails, your SPF has to include the relay server addresses.  2Degrees supports this by putting "include:spf.ironport.snap.net.nz" as part of the SPF record, which causes the SPF record at spf.ironport.snap.net.nz to be looked up and included as though it was part of your SPF record:

root@mypvr:/# nslookup -type=TXT spf.ironport.snap.net.nz
Server:         ::1
Address:        ::1#53

Non-authoritative answer:
spf.ironport.snap.net.nz        text = "v=spf1 ip4:202.37.100.96/28 ip6:2406:e000:0:151::/64 -all"

Authoritative answers can be found from:

Doing the SPF record that way is very useful as it prevents problems if your SMTP relay provider changes their IP addresses.

Or you can use your own mail server with an A record, example  mail.domain.co.nz and a PTR pointing the IP to that record. SPF is your own server

If you mean that you're sending out your "me@mydomain.co.nz" emails via Xtra SMTP-AUTH, and need to add something to your mydomain.co.nz SPF record, then just chain to the one for xtra.co.nz --

mydomain.co.nz TXT "v=spf1 include:xtra.co.nz include:spf.myhostingprovider.com -all"

(assuming you have your normal mail server hosted with myhostingprovider.com who have their own spf record in spf.myhostingprovider.com)

Generally, I would say if they haven't explicitly published a record for you to use, you probably shouldn't use it.

The SPF record for xtra.co.nz is...

"v=spf1 ip4:210.55.143.48/29 ~all"

Being IPs, it's subject to change and there is no guarantee non-xtra.co.nz mail is sent via those IPs. You can add "include:xtra.co.nz" in your rule.

As @tdgeek suggested, you could run your own server, but if you're asking about ISP e-mail, your needs a likely quite small and you probably don't want the hassle of maintaining your own server. SMTP2Go gives you 1,000 free e-mails per month on the free plan, so I'd just use them instead. NZ company, with decent support, even for free users.

I think it is the PTR  setting that you should be looking at.

cheshirecat:

 

If you mean that you're sending out your "me@mydomain.co.nz" emails via Xtra SMTP-AUTH, and need to add something to your mydomain.co.nz SPF record, then just chain to the one for xtra.co.nz --

 

mydomain.co.nz TXT "v=spf1 include:xtra.co.nz include:spf.myhostingprovider.com -all"

 

(assuming you have your normal mail server hosted with myhostingprovider.com who have their own spf record in spf.myhostingprovider.com)

 

Xtra like all commercial mail servers (gmail, hotmail, domain) has an SPF. 

If you send email Not From your core sending server you need an include in the SPF record.

decibel:

 

I think it is the PTR  setting that you should be looking at.

 

SPF uses a TXT record on the envelope domain.

 

$ host -t txt xtra.co.nz
xtra.co.nz descriptive text "xtra.co.nz"
xtra.co.nz descriptive text "v=spf1 ip4:210.55.143.48/29 ~all"

SirHumphreyAppleby:

 

Generally, I would say if they haven't explicitly published a record for you to use, you probably shouldn't use it.

 

The SPF record for xtra.co.nz is...

 

"v=spf1 ip4:210.55.143.48/29 ~all"

 

Being IPs, it's subject to change and there is no guarantee non-xtra.co.nz mail is sent via those IPs. You can add "include:xtra.co.nz" in your rule.

 

As @tdgeek suggested, you could run your own server, but if you're asking about ISP e-mail, your needs a likely quite small and you probably don't want the hassle of maintaining your own server. SMTP2Go gives you 1,000 free e-mails per month on the free plan, so I'd just use them instead. NZ company, with decent support, even for free users.

 

If you run your own mail server at home, you just need your home IP address to resolve to the mail server

A record is 219.123.123.123

mail.myserver.co.nz is 219.123.123.123

Ensure that your iSP sets the PTR record for 219.123.123.123 to mail.myserver.co.nz