SPF_Fail score too low?
Kevin Miller
Kevin_Miller at ci.juneau.ak.us
Fri Apr 6 15:54:29 IST 2007
Matt Kettler wrote:
> Kevin Miller wrote:
>> Matt Kettler wrote:
>>
> snip
> It's gotchas like that which make me suggest starting off at neutral.
> Even though you can reliably know what machines SHOULD be allowed to
> send mail from your domain, you might have servers that DO send mail
> from your domain even though they should not that provide critical
> business services.
I understand the problem, but I'm still unclear on how one test for it.
If you put up a domain with neutral or softfail, how do you know when a
hit occurs? If I spoof your domain and send to a third party, they'll
either silently drop the email or send 550 back to me. How do *you*
know when it's safe to walk a neutral up to softfail and from there to
hardfail? When I first installed spf in my dns I searched all over the
spf web site for clues on how folks are doing that. Never found
anything...
...Kevin
--
Kevin Miller Registered Linux User No: 307357
CBJ MIS Dept. Network Systems Admin., Mail Admin.
155 South Seward Street ph: (907) 586-0242
Juneau, Alaska 99801 fax: (907 586-4500
More information about the MailScanner
mailing list