SPF record clarification - Is this set correctly?

I am not very familiar with SPF records so I need a bit of help setting up my SPF record correctly.

Below is a record I created using the Microsoft SPF record wizard

v=spf1 a mx ptr ip4:xxx.xxx.xxx.a ip4:xxx.xxx.xxx.b include:aspmx.googlemail.com include:mydomain.com -all

As you can se开发者_开发问答e I use google apps, I also have two web servers sending mail on behalf of mydomain.com. I also listed two IPs both are web servers relating to mydomain.com and mail from mydomain.com are sent from both server (web app).

I also set the PTR to be xxx.xxx.xxx.a at my ISP. Considering all this and the fact that the above mentioned are the only places where mail get generated for mydomain.com is the above record correct?

---

Most of the results of this SPF specification depend on the MX entries of the domain. What you get here is:

• a: Allow any host, an A record of the domain is pointing to (but not any subdmains, or hosts inside the domain)
• mx: Allow any hosts with an MX record pointing to them
• ptr: Allow all hosts where the PTR record matches an A record. Use this ONLY when you control both the reverse and the forward domains, and probably not even then as it results in some DNS overhead.
• ipv4:...: Allow the named IP.
• include:...: Include the servers allowed by SPF rules in the named domain. Google uses some redirection to allow all its sender hosts here.

I assume the SPF record is entered into the mydomain.com domain directly. The last include is superfluous and probably creates a loop.

After all, it looks rather correct (if you correct the mentiond include if applicable). But to understand what's going on, you should really read the specification, it's really simple in the end.