On 11/23/22 8:38 AM, Slavko via mailop wrote:
Anyway, using SPF on shared environment is something, what negates SPF purpose at all, as anyone from that shared provider can succesfuly pass SPF for any other domain in it (sharing the same TXT records). Thus in these shared services is SPF mostly cosmetic or part of PR/marketing only. Whole result then depends only on that, if particular provider checks spoofing from own customers, which is a) not published and b) moves trust to smewhere else.
I don't agree with SPF being mostly cosmetic on a shared hosting environment. Yes, other people on the same host can send messages without authorization while still passing SFP checks. However, others, not in said shared hosting environment /can't/ send messages while still passing SFP checks. The difference is in the scope of who can pass SFP checks, the /just/ the shared hosting environment verses the entire Internet.
I believe there is some value in SPF even in a shared hosting environment. It's just less value than in a dedicated hosting environment.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
