Hi All, hope you are fine and doing well.
I am looking for some help to configure SPF record for our domain. I am using mydomain.com as an example.
We have Exchange server 2013 mail server in our domain.
Current SPF records: we have two SPF records as per mxtoolbox.com.
spf:mydomain.com is "v=spf1 a:mail.mydomain.com a:mailservername.mydomain.com mx:mydomain.com -all"
spf:mail.mydomain.com is "v=spf1 mx –all"
Both of the records are showing “SPF Record Depreciated” in mxtoolbox.com.
Now, recently we came across email sending issue to one external domain as emails were getting rejected by that domain because of our SPF records. When I contacted other domain support, they said they are looking for following SPF record of our domain.
v=spf1 include:mydomain.com ~all
Now we are also facing issue with spoofed-domain emails. Emails coming from outside world with our domain address like it came from our own domain, and we want to stop it.
(1) (1) Should we maintain a new SPF record for the domain mydomain.com or mail.mydomain.com or for both?
(2) (2) Do we need to remove current SPF records and add new and correct SPF records?
(3) (3) What is the SPF records we need to create?
Is it "v=spf1 mx a:mail.mydomain.com –all" or "v=spf1 mx a:mydomain.com –all" ?
(4) (4) The one SPF record other domain-support advised “v=spf1 include:mydomain.com ~all”, should we need to add that too? Can we use -all option instead of ~all to reject emails coming from outside world using our domain address (spoofed-domain emails)?
Thanks for your help.