Email Server Solution
Steve Buehler
steve at ibapp.com
Wed Aug 3 14:58:39 UTC 2005
At 09:16 AM 8/3/2005, you wrote:
>Steve Buehler wrote:
> > At 02:09 PM 8/2/2005, you wrote:
> >
> >> > Ok. I give. What in the heck is an spf (TXT) record? Something that
> >> > just came out this year? I have everything that AOL requires now. If
> >> > that is a new term for a PTR or reverse record, then I already have it.
> >>
> >> It is probably an SPF record. http://spf.pobox.com/.
> >>
> >> It dictates from which IP a message for a specific domain is supposed to
> >> come from.
> >
> >
> > hmmmm. Is this widely used?
>
>Used by AOL, Google and many other domains. Not everyone rejects a
>message on a FAIL, though (I do, 'cause I have low mail volume).
>
> > I have never heard of it before.
>
>There is also DomainKeys, used by (at least) Yahoo and Google. It is a
>system based on public-key crypto.
>
><snip>
>
>SPF strict records needs a domain for wich e-mail will come only from a
>specific set of servers/IP addresses.
>
>For example, my users only use Outlook/exchange to send e-mail for our
>domain. If they want to send mail from home with their office e-mail
>account, they connect using VPN, so the source is always predictable.
>This is the office's policy. If users don't respect it, their e-mails
>may be rejected. They've been warned.
>
>SPF doesn't need separate DNS servers. SPF implementation is 2 fold,
>and they're not mutually exclusive or reciprocal prerequisites.
>
>1- You can control from which IP e-mail from your domain will come (SPF
>TXT-type DNS records)
>2- You can perform SPF checks with your MTA and reject/warn/tag as SPAM
>messages according to the SPF result.
>
>Hope this helps.
Honestly I would like to see SPF become a standard that is enforced
by all ISP's. When it does, that will cut down on the marjority of
spam. It will also force the programmers of the control panels to
have it automatically put it in when a site is setup instead of it
being a separate process that requires a tech. Or at least someone
other than my boss. If it isn't done automatically, then it defeats
the purpose of having a control panel that is a one step setup
process. It will all be a headache to implement, but might be worth
it to get rid of spam and the load on servers. I will have to look
into it some more and see if I can write a script to automatically
add this to dns records for the domains that we host.
Thanks
Steve
More information about the redhat-list
mailing list