on 9-24-2008 1:03 PM Bob Hoffman spake the following:
Since a valid spf record cane take all of 5 minutes to write, I don't see it as a big deal. Now DKIM takes a little longer.Besides, in the OP case, SPF will change nothing for mail getting out of his server, since his sender domain matches his client domain (this is what gmail calls "guessed SPF"), and in addition, his client is the MX of his domain, so he is not going to forge his own domain on his own server.Read a few dozen sites since the last post. The reason behind spf is as follows...i guess. SPF says 'this domain and this ip sendmails' and you should say 'reject any mails you (yahoo, gmail, etc) receive that are not from 'this domain or this ip' The ip can be one or many. The domains can be one or many. What they are looking for is 'are you helping them weed out their own spam?' If someone forges your address, yahoo will then go to your site and find out that only 'this ip and this mail server' can send mail. If the mail they got is not agreeing with that, they crush it. This tells yahoo you are somewhat trying to help and then they whitelist it, so to speak. Not doing this will tell yahoo you want 'any mail from anywhere with my email address or domains' to be accepted. Since they do not like that, immediate greylist. So, it is about helping them deal with forgeries and not much else. Many servers ignore or do not use it. From what I read, you should have it.
If it lets my boss send mail to whoever, that is also a plus. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!!
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
