I've reached the limit of my expertise as I've never done DKIM on these
boxes. Hopefully somebody else here can help. But if everyone had
accurate SPFs life would be better.
On 8/31/2017 11:51 AM, Lewis Gardner wrote:
Thanks for the quick reply.
I can assure you there are a lot of "domain owners" that don't
understand this. I'd say the vast majority. That you only get one
complaint a month says something...
The question is how to implement, especially the 1024 bit RSA key. I
can find documentation on how to do this with cpanel but not with
BlueOnyx. Have I missed something obvious?
Roy Urick wrote:
SPF when configured properly makes for quick, efficient filtering of
spoofed domain spam. Our filters check the SPF first, and if the SPF
doesnt match, it doesnt even bother wasting any CPU cycles to check
the actual content of the message.(and throws it out)
The only downside is dealing with domain owners who don't understand
them who then complain when you cant/wont accept their email. I have
to deal with at least one person per month that is being blocked
because their domain's SPF is incorrect. I actually had one SSL
certificate reseller last week that didnt include the domain of the
SSL provider so we wouldnt accept their emails. (the SSL provider was
sending on their behalf and the reseller didnt include the provider's
servers in their record) And telling the reseller support rep why we
werent getting the messages resulted in confusion and got us nowhere.
("I dont know what you are talking about. I'm just a CSR.")
On 8/31/2017 11:05 AM, Lewis Gardner wrote:
I'm struggling on how to set up these records for domains hosted on
a 5209R server.
The SPF record looks fairly straightforward. Make a TXT DNS entry
with some test.
DKIM appears to need a 1024 bit RSA key. Where do I get this? I
assume there I need one per domain so a server may have several?
DMARC appears to be like SPF in that it is another TXT DNS entry.
Personally I think most of this is lipstick on a pig in that these
methods appear to be attempts to make something secure that is
inherently not. But I'm not in charge...
Any pointers?
_______________________________________________
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
_______________________________________________
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
_______________________________________________
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
_______________________________________________
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx