Am 17.06.20 um 21:15 schrieb vom513 via mailop: > I know the ultimate answer is “do what makes sense for me” - but I’d love > some feedback from folks here on what they consider best practice etc. Also > please help me with my understanding of SPF / DMARC interactions (especially > with regard to what the big providers are doing) if I’m out of line.
I'm pretty wary of SPF, especially since it just breaks mail forwarding which some of our users like to do to consolidate all mail in one mailbox. I know they should not do this, but attempts at enlightening them are pretty futile, and I don't want them to point their fingers at us about missed e-mails. At the moment, I do some DKIM checks (since that works mostly ok even in the presence of forwarding) and some very strict analysis of sender domains. A remarkable amount of spam is sent from domains which can be recognized as not trustworthy, for example because the domains are registered with anonymizing services and hosted at providers who don't give a f*ing f. I may look at SPF (especially in combination with DMARC) at a later time to detect some more unwanted mail but currently most of the remaining spam (as far as I can see) is the stuff being sent via cracked regular mail accounts. Body filtering is basically the only thing that helps against that (and of course, blocking mails from notoriously insecure providers from which legit mail is very unlikely.) Cheers, Hans-Martin _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
