At 09:16 AM 8/3/2005, you wrote:
Steve Buehler wrote: > At 02:09 PM 8/2/2005, you wrote: > >> > Ok. I give. What in the heck is an spf (TXT) record? Something that >> > just came out this year? I have everything that AOL requires now. If >> > that is a new term for a PTR or reverse record, then I already have it. >> >> It is probably an SPF record. http://spf.pobox.com/. >> >> It dictates from which IP a message for a specific domain is supposed to >> come from. > > > hmmmm. Is this widely used? Used by AOL, Google and many other domains. Not everyone rejects a message on a FAIL, though (I do, 'cause I have low mail volume). > I have never heard of it before. There is also DomainKeys, used by (at least) Yahoo and Google. It is a system based on public-key crypto. <snip> SPF strict records needs a domain for wich e-mail will come only from a specific set of servers/IP addresses. For example, my users only use Outlook/exchange to send e-mail for our domain. If they want to send mail from home with their office e-mail account, they connect using VPN, so the source is always predictable. This is the office's policy. If users don't respect it, their e-mails may be rejected. They've been warned. SPF doesn't need separate DNS servers. SPF implementation is 2 fold, and they're not mutually exclusive or reciprocal prerequisites. 1- You can control from which IP e-mail from your domain will come (SPF TXT-type DNS records) 2- You can perform SPF checks with your MTA and reject/warn/tag as SPAM messages according to the SPF result. Hope this helps.
Honestly I would like to see SPF become a standard that is enforced by all ISP's. When it does, that will cut down on the marjority of spam. It will also force the programmers of the control panels to have it automatically put it in when a site is setup instead of it being a separate process that requires a tech. Or at least someone other than my boss. If it isn't done automatically, then it defeats the purpose of having a control panel that is a one step setup process. It will all be a headache to implement, but might be worth it to get rid of spam and the load on servers. I will have to look into it some more and see if I can write a script to automatically add this to dns records for the domains that we host.
Thanks Steve -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
