I have two SPF records:
1. v=spf1 include:amazonses.com -all with the name mail.domain.com
2. v=spf1 include:mailbox.org -all with the name domain.com
What would be the correct entry? Thanks.
There is nothing wrong with these records.
Are you actually sending emails from [email protected]?
2 Likes
Amazon SES requires the use of a subdomain for a custom MAIL FROM domain.
1 Like
If you are asking because of the restriction on having only one SPF record, that is a one SPF record per name limit. If you had placed both records at example.com that would be a problem. One at example.com and another at mail.example.com is fine. You could even add another one or more if you started sending email from support.example.com or billing.example.com, etc.
3 Likes
Are you saying that the entry is correct?
Yes.
Given your elaboration of using mail.example.com as a custom MAIL FROM with SES, that record would be correct for them.
As for the apex / naked domain, where you say you have include:mailbox.org, whether that is correct or not, would depend on which MAIL FROM domain that are used with mailbox.org service.
If mailbox.org is using the apex / naked domain (@example.com) as MAIL FROM, that would likewise be correct for them.
2 Likes
Thanks. It seems this security insight is giving a false warning, isnβt it? Rescanning isnβt making it disappear, though.
What warning do you see?
2 Likes
Are those two records you mention:
-
Type β
TXTβ records, starting with βv=spf1β? -
Type β
SPFβ records, starting with βv=spf1β?
In addition, can you share the actual domain name?