On 2006-03-16, [EMAIL PROTECTED] wrote: > > Sorry to revive an older thread but I am trying to come up with a basic > SPF policy. I have added TXT "v=spf1 a -all" to my dns. Since we > use webmail, it seems fairly safe and hopefully effective to keep folks > from spamming with our domain names. Does this make sense or does > anyone have suggestions for improvement or keeping us from shooting > ourselves in the foot? >
If the host which resolves to your domain is the only mail relay for your domain, this is OK. If you have a backup relay you should also include his ip address. > Now, i want to set keywords in bofh and the option in courierd am > confusing myself completely. Could someone with more experience > suggest an initial setting to reduce spam but hopefully little valid > mail? > Personally I have the following policy in /etc/courier/bofh: opt BOFHSPFMAILFROM=pass,none,unknown,softfail,neutral This activates SPF checking for the "MAIL FROM" part of a smtp session. Only those mails are blocked whose domains explicitly set "-all" and which are sent through non authorized relays. This policy is fairly effective in terms of virus blocking (at least in my situation). -- Georg ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
