On Mon, Dec 7, 2009 at 11:21 PM, Michael Holstein <michael.holst...@csuohio.edu> wrote: > > Personally, I think SPF is a major PITA operations-wise .. but if you've > ever had to fill out the form to get un-blacklisted at Yahoo/AOL, that's > one of the first things they ask .. "do you have a spfv1 record defined?".
With yahoo and aol - they'd be just as satisfied if you used, say, DKIM. Hotmail's the only one that insists on sender-id (not spfv1 either) As for a university smarthost getting blocked you'd probably need to look at one of two things - 1. Forwarding users on your campus - with mailboxes that accept a lot of spam and then forward it over to student / alumni AOL, Comcast, Yahoo etc accounts 2. Spam generated by infected PCs / laptops, hacked machines etc on your campus LAN If you took steps to fix some of these - 1. Isolate your forwarding through a separate IP or subnet, filter it before forwarding on 2. Separate your outbound to another set of IPs, again filter and a few other things - related to this .. you'd get blocked far less. Joe St.Sauver of UOregon, being a maawg senior tech advisor and also active in EDUCAUSE etc, might have a white paper on this, like he does on most other security related issues under the sun :) -- Suresh Ramasubramanian (ops.li...@gmail.com)
