Regarding
relay.n4l.co.nz,
A couple of days ago, N4L changed the IP address that mail is sent from (to the world).
It was: 122.56.66.10
It's now: 122.56.66.13
Unfortunately an nslookup still shows the .10 address for
relay.n4l.co.nz (using either Spark's DNS or a US-based one).
As such our SPF records - which specify "
relay.n4l.co.nz" - don't work.
The record TTLs are short:
relay.n4l.co.nz IN CNAME
n4lmail-1.sdp.sparkdigital.co.nz 300s (5m)
n4lmail-1.sdp.sparkdigital.co.nz IN A 122.56.66.10 30s (30s)
So my guess is that they haven't been updated accordingly (*).
I rang N4L; we came to the conclusion that our SPF records should specify all the IP addresses that N4L might use, which are:
122.56.66.10
122.56.66.13
122.56.66.14
122.56.66.60
122.56.66.61
122.56.66.62
So something like "ip4:
122.56.66.0/24" for an SPF entry might be a reasonable compromise.
I believe that N4L are aware of current/recent issues with mail being delayed/grey-listed or similar and will no doubt post something to their network status page.
- Ben.
(*) possibly N4L need two hostnames for the different purposes - one for the server we send to; one for the address they send from.
[ previous best practice is covered in the post with subject "SPF records" (aug 5) in this group ]