On Thu, Nov 02, 2006 at 12:34:59PM -0500, David F. Skoll wrote: > Hi, > > After much consideration, I have removed the SPF record for > roaringpenguin.com. > > SPF was supposed to help prevent "blow-back" from joe-jobs. (It > was never designed to stop spam, of course, but I *was* hopeful that > it would reduce annoying bounces caused by spam faked to come from > our domain.) > > Alas, SPF has not lived up to its promise, and it has caused some > problems for us (we have salespeople working on the road who send mail > through their ISP's servers.) > > So, so long, SPF. Too bad you weren't useful.
We're still using a hard record so that Corporate can control where all mail for our domains originates. We have a policy requiring all email sent from our domains to go through Corp's smtp gateways - and a hard SPF record helps us enforce it. Of course we only notice when someone complains about a "problem" of a bounced mail (from a recipient who honors SPF) originating from their rogue SMTP server. But it has caught a few rogue servers and Internet access points backdoored into some sales offices and manufacturing sites. For avoiding blow-backs from joe jobs, I reject any mail from <>, postmaster, etc. that doesn't match a regex indicating there's a quoted Received line with a legit smtp server's address. Occasionally someone's stupid mail server sends DSNs with something non-standard as a sender, but it is pretty infrequent. Matt -- Matthew S. Cramer <[EMAIL PROTECTED]> Office: 717-396-5032 Project Manager, Planning and Service Management Fax: 717-396-5590 Armstrong World Industries, Inc. Cell: 717-917-7099 _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
