Reject or tag email signed with @mydomain.com

Kevin Spicer kevins at BMRB.CO.UK
Wed Jul 13 22:57:32 IST 2005


On Wed, 2005-07-13 at 15:57 -0400, Ugo Bellavance wrote:
> Julian Field wrote:
> > The result is that we can't publish a useful SPF record. At least I 
> > don't think we can.
> > Is there a way of publishing an SPF record that says nothing useful? :-)
> > 
> 
> Actually, yes... if you use a tilde (~) instead of a dash (-), it only
> generates softfails...  It is almost like saying nothing useful...

In fact there are four different levels, if you really wish to make no
statement you should use ?all. Where you discourage users from sending
through other servers use ~all.  Where you are confident that all mail
originates from your servers -all.  Where you wish to indicate that mail
may originate from anywhere +all.

If you can't tie your users down to using your servers then you should
probably publish a ?all or +all.  I've done this for a couple of the
domains I look after (the others are using -all because I can).  I think
its probably a good idea to do this as MSN and hotmail are saying they
will block mail from domains without an SPF record from November.  My
understanding is that it is the presence or absence of an SPF record
that will determine if mail is blocked, reading between the lines a
permissive SPF record is acceptable.

I agree that SPF will do little for spam (especially as so much spam and
viruses now originate from zombie machines).  However where it could be
useful (depending on adoption) is in preventing joe-jobs and other
forged mail (such as from worms).  I guess this isn't as important to
ISP's (or even public sector) but as an administrator in a corporate
environment anything I can do to help protect our business from damage
to our reputation potentially caused by forged mail is welcome.  Also
anything that reduces the number of calls I get along the lines of
"Hello, I've just had a call from my client saying I sent them a virus"
is welcome ;)

=================================================================
KMR Group, KMR Software and BMRB have moved offices.
Our new address is:

Ealing Gateway
26-30 Uxbridge Road
Ealing
London 
W5 2BP

t: 020 8433 4000
f: 020 8433 4001

All direct line numbers remain unchanged
_________________________________________________________________



BMRB 
http://www.bmrb.co.uk
_________________________________________________________________
This message (and any attachment) is intended only for the 
recipient and may contain confidential and/or privileged 
material.  If you have received this in error, please contact the 
sender and delete this message immediately.  Disclosure, copying 
or other action taken in respect of this email or in 
reliance on it is prohibited.  BMRB Limited accepts no liability 
in relation to any personal emails, or content of any email which 
does not directly relate to our business.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!



More information about the MailScanner mailing list