SPF

On the off chance that this affects anyone, I’ve gone through and published SPF records for all domains where I host DNS. It’s something I should have done a while ago, but I was spurred into doing it today after I noticed what seems to be a lot of backscatter from non-existent users, meaning that someone sent spam pretending to be ttwagner.com.

For those who don’t follow mailserver and DNS news, SPF, short for Sender Policy Framework, lets a domain publish a DNS TXT record (a record type that is fairly obscure outside of SPF) specifying which servers are allowed to send mail for that domain. Normally anyone on the Internet could send mail claiming to be from n1zyy.com or ttwagner.com, but I now have SPF records stating that only 64.191.108.120 is allowed to send mail for these domains. I’ve gone a step further, and added null records (no one is allowed to send mail) for some domains I have that don’t send any e-mail.

“Good” mailservers will now check for an SPF record when mail is sent, and refuse mail forging any domains hosted here. I’ve set a really short (240-second) TTL, so I can change this in 4 minutes’ time if need be.
