AW: AW: SPF Configurations
Andre Engel
andre.engel at fhe3.com
Sat Dec 5 20:53:54 UTC 2009
John,
> -----Ursprüngliche Nachricht-----
> Von: John R. Levine [mailto:johnl at iecc.com]
> Gesendet: Samstag, 5. Dezember 2009 01:54
> An: Andre Engel
> Cc: nanog at nanog.org
> Betreff: Re: AW: SPF Configurations
>
> >> Right. The only major mail system that pays attention to SPF is
> >> Hotmail, but there are enough small poorly run MTAs that use it that
> >> an SPF record which lists your outbounds and ~all (not -all) can be
> >> marginally useful to avoid bogus rejections of your mail.
> >
> > For example :
> > [ various large ISPs that publish SPF ]
>
> Perhaps this is a language problem. In English, "publishes" is not a
> synonym for "pays attention to." As I said, you need to publish SPF
> to get mail into Hotmail. That's why people do it.
As I said im almost german :-)
Some major providers ,1&1 for example, assigned their customers the
"responsibility" to "pay attention on SPF" for getting mails into their
boxes.(decision between suspicious or not)
> > I know there is a problem so far with forwarded emails but there is
> also a
> > solution :
> > [ hoary SRS proposal to change every SMTP server in the world to make
> them
> > match what SPF does ]
>
> Sigh.
I do not want to change every SMTP servers in the world. I just gonna show
an useful option .-)
> > Every time a mail arrives that is an SRS address the password and
> timestamp
> > could be checked, and faked or outdated recipients could be rejected.
>
> You might want to look at BATV, which has nothing to do with SPF, but
> I have found is quite useful for recognizing spam blowback.
Sure ! For instance If your are providing an mail cluster for your customer
bills, a newsletter server or a cooperated
mail cluster and you know that you are sending emails only to receivers
email boxes BATV is indeed a awesome tool.
But if you are performing a shared mail cluster for your webhosting or your
Dial in customers which are using for instance some special kinds of mailing
lists maybe you need a additional solution.
>From a reputation perspective Id like the idea to combine a set of anti spam
tools if it is useful.
Indeed MAAWG is not "the badest place" to learn about.
> R's,
> John
>
> PS:
>
> > This message (including any attachments) is the property of FHE3 and
> may
> > contain confidential or privileged information. Unauthorized use of
> this
> > communication is strictly prohibited and may be unlawful. If you have
> > received this communication in error, please immediately notify the
> sender
> > by reply e-mail and destroy all copies of the communication and any
> > attachments.
>
> Our policy is to send messages with confidentiality notices to all of
> your competitors.
Sure! Im here to learn *** .-)
Cheers
Andre
--
Andre Engel
Consulting Program Director,
Email and Cyber Intelligence Services "..no space left on the
device/Kein Weltraum links auf dem Gerät"
FHE3 GmbH P: +49 721 869 5907
Scheffelstr. 17a M: +49 160 962 44476
76135 Karlsruhe
andre.engel at fhe3.com
http://www.fhe3.com/
Amtsgericht Mannheim, HRB 702495
Umsatzsteuer-Ident: DE254677931
Geschäftsführer: Peter Eisenhauer, Michael Feger, Dimitrij Hilt
***
This email is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE ,...
More information about the NANOG
mailing list