do you use SPF TXT RRs? (RFC4408)

• Previous message (by thread): do you use SPF TXT RRs? (RFC4408)
• Next message (by thread): do you use SPF TXT RRs? (RFC4408)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Without proper SPF records your mail stands little chance of making it
through some of the larger providers, like gmail, if you are sending
in any high volume. You should be using SPF, DK, and DKIM signing.

I don't really understand how your security company related SPF to DoS
though. They're unrelated, with the exception of backscatter.

-j


On Mon, Oct 4, 2010 at 9:47 AM, Greg Whynott <Greg.Whynott at oicr.on.ca> wrote:
>
> A partner had a security audit done on their site.  The report said they were at risk of a DoS due to the fact they didn't have a SPF record.
>
> I commented to his team that the SPF idea has yet to see anything near mass deployment and of the millions of emails leaving our environment yearly,  I doubt any of them have ever been dropped due to us not having an SPF record in our DNS.  When a client's email doesn't arrive somewhere,  we will hear about it quickly,  and its investigated/reported upon.      I'm not opposed to putting one in our DNS,  and probably will now - for completeness/best practice sake..
>
>
> how many of you are using SPF records?  Do you have an opinion on their use/non use of?
>
> take care,
> greg
>
>
>
>
>
>
>

• Previous message (by thread): do you use SPF TXT RRs? (RFC4408)
• Next message (by thread): do you use SPF TXT RRs? (RFC4408)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]