After reading up on SPF, Caller-ID and Domain Keys, I'm backing SPF!
I prefer SPF over caller-id because is looks like SPF is being pushed by
the internet community in general, making it easy to adopt by all.
Caller-id on the other hand is being developed and pushed my Microsoft
(trying to take ov
> There is also nothing stopping a static bulk mailer from
> implementing SPF on their own system, and to my knowledge,
> there is no way to stop that from happening.
That is correct. As somebody else has said passing the SPF does not mean
the email isn't spam, and as SPF states it is aimed to
> Example, I host hundreds of domains that have no associated email
> accounts and are not using for outbound messages. I would only HOPE
> that you would NOT deliver spam or viruses generated as
> [EMAIL PROTECTED]
Word to that! You own the domain, you set the policy. Anyone wh
> To each their own of course. I'm just trying to document some of the
> issues that people should look out for when implementing SPF for
> their domains, and scoring it on their systems.
You still don't seem to get the nuances of "my system" vs. "my
domain." Scoring SPF FAIL at anythi
Title: Message
Matt,
I
think the point is, that there are TWO different decisions:
a) can you implement SPF for your own domain - you say
"No" - then don't.
b) can you follow the SPF policies that OTHER
administrators set for THEIR domains - apparently they want you
to.
IF
som
> >You could setup port forwarding for the users that are blocked
> so their mail
> >goes out your server. So instead of using port 25 to send mail they could
> >use port 925 for example. The ISP probably is not blocking this.
> >
> >
> I could if I had a router capable of this, but I don't right
This is why I am not implementing SPF on my system. As a blacklist, it
would punish some of my customers, so I would be forced to list them as
unknown which is in effect as effective as not listing them as all. I
certainly wouldn't want to assume that since 95% of them would pass a
strict tes
> Also to add to Matt's comments a lot of problems also come up
> with web forms. This is one reason we have not yet
> implemented SPF for our server.. Have not taken the time to
> figure out ..
Wouldn't this be similar to a mail forwarder? Whereby implementing an
SRS system would get round th
> I get a lot of E-mail that would fail SPF that is in fact valid. A
> lot of mail scripts and E-commerce sites are set up to send E-mail
> notifications with the Mail From generated from a user submission
> (since one can just simply press reply in order to respond).
While that may imapct
> > I get a lot of E-mail that would fail SPF that is in fact valid. A
> > lot of mail scripts and E-commerce sites are set up to send E-mail
> > notifications with the Mail From generated from a user submission
> > (since one can just simply press reply in order to respond).
>
> Many e-commer
Kevin Bilbee wrote:
Many e-commerce sites do this type of stuff improperly. They should use an
address from their site as the from with the reply-to header for where you
ar to reply to.
They should only because of spam blocking, but in practice, many don't.
The bigger ones have of course most
Lyndon:
Also to add to Matt's comments a lot of problems also come up with web
forms. This is one reason we have not yet implemented SPF for our server..
Have not taken the time to figure out ..
Imagine someone on CNN's site using the eMail friend - to show you this I
went to CNN and sent myself
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Matt
> Sent: Thursday, March 11, 2004 10:48 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [Declude.JunkMail] SPF
>
>
> Lyndon,
>
> I get a lot of E-mail that would fail SPF that is in fact valid. A lot
> of
There are four, - fail, ~ softfail, + pass & ? Neutral.
There are also:
error (if the DNS fails)
unknown (if the syntax is unrecognised)
none (if there is no SPF info)
How do these difference responses work? Apologies if these have already
been covered...
Those have apparently changed since the o
There are four, - fail, ~ softfail, + pass & ? Neutral.
There are also:
error (if the DNS fails)
unknown (if the syntax is unrecognised)
none (if there is no SPF info)
How do these difference responses work? Apologies if these have already
been covered...
-Original Message-
From: Kevin
Lyndon,
I get a lot of E-mail that would fail SPF that is in fact valid. A lot
of mail scripts and E-commerce sites are set up to send E-mail
notifications with the Mail From generated from a user submission (since
one can just simply press reply in order to respond).
Also, some of my own cus
Scott I remember an issue with SPF that does not fall into pass or fail but
if they use the ? in the spf record the email may be a maby.
Has this been resoved? Or am I understanding it improperly?
That isn't an issue -- it's just how SPF works. The "?" means
"Unknown". For example, "v=spf1 +mx
Scott I remember an issue with SPF that does not fall into pass or fail but
if they use the ? in the spf record the email may be a maby.
Has this been resoved? Or am I understanding it improperly?
I do not want to negative weight a maby if it falls into the pass category.
I know I do not have to
That's a real shame! If you received a negative response from an SPF
participating domain, you should be able to reject the message straight
off. That way you aren't left 'carrying the can' so to speak, and the
email gets stuck with the HiJacked server or the spammer. Similar to how
AOL reject conn
One more question, In the event we want to reject an email that fails
the SPF test for a SPF participating domain, is Declude able to reject
incoming emails before receiving the message body? IE terminate the SMTP
connection?
No. IMail doesn't have the ability to do that, either with or without
You can use SPF to just check. But it would work best when you do both.
Otherwise if nobody implemented, nobody would have anything to check
against - catch 22.
By implementing you also protect your own domain(s) from being spoofed
(providing the recipient checks against SPF). The more publicity
Forgive the ignorance. To use the SPF test, do we have to have
implemented SPF ourselves or can it be used to check against those who
have?
Thanks,
John
---
For those that are interested, we now have an interim release with SPF
support in it. [interim information removed] To use the new SPF t
What is the best way to implement SRS in Imail? Maybe one for the Imail
list (or SRS somewhere).
Regards,
Lyndon.
Email checked by UKsubnet anti-virus service
To prevent email abuse & block spam
contact [EMAIL PROTECTED]
Tel: +44(0)8712360301
Thanks for that Scott!
One more question, In the event we want to reject an email that fails
the SPF test for a SPF participating domain, is Declude able to reject
incoming emails before receiving the message body? IE terminate the SMTP
connection?
Regards,
Lyndon.
-Original Message-
F
First I'd heard about SPF. Sounds like a way forward!
On the SPF site is says SPF is supported by Declude, how can I begin to
check inbound emails for SPF?
Here's a copy of my original post. The latest beta version (1.78) and
recent interims have the SPF support.
---
For those that are interes
First I'd heard about SPF. Sounds like a way forward!
On the SPF site is says SPF is supported by Declude, how can I begin to
check inbound emails for SPF?
Regards,
Lyndon.
Email checked by UKsubnet anti-virus service
To prevent email abuse & blo
FYI, there is a poll about SPF, DomainKeys and Caller-ID on the
winnetmag.com website. For those who support SPF, you may want to vote at
http://www.winnetmag.com/windowssecurity (the "Instant Poll" section on the
right side of the screen). Note that it is (unfortunately) listed as
"Sender Po
Sounds like you have a sales "opportunity" to get them on filtering, but
also sounds like filtering won't help with the flood. Is this flood with or
without the nobody alias?
I would definitely be contacting the authorities as this amounts to a DOS
attack. Maybe others who have dealt with this b
The problem with it is we give clients the choice if they want to be on the
filters or not, they have made the choice not to be on the filters. We put
them on it anyway and then we ended having to remove the mx records for
them. The qmail server (our spool server) had no problems keep up, it kept
Amazing!
-Original Message-
Yes. Apparently, a small percentage of their customers complained that
the
Message-ID: header included information they did not want others to
see. Instead of adding an option to either disable the Message-ID:
header
or alter the content used in it, they opt
a customer uses Outlook 2003 and his mail fails the Spamheaders Test
421e.
Correct.
is this an known feature? ;)
Yes. Apparently, a small percentage of their customers complained that the
Message-ID: header included information they did not want others to
see. Instead of adding an option t
Hello,
a customer uses Outlook 2003 and his mail fails the Spamheaders Test
421e.
this is:
-
This E-mail is missing a Message-ID: header. Although it is legal not to
have one, the RFCs say that E-mails SHOULD have this (which, in RFC terms,
means that you must have the Message-ID: header
So should I just disable the DNS Cache and skip list then?
Mark
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of John
> Tolmachoff (Lists)
> Sent: Wednesday, March 10, 2004 5:45 PM
> To: [EMAIL PROTECTED]
> Subject: RE: [Declude.JunkMail] OT: Imail Q
33 matches
Mail list logo