Spf


#1

Any news on when SPF will be (re-)implemented?
There is a section in the Wiki on setting SPF up manually.
Has anyone tried this?


#2

According to DH Support the manual instructions in the Wiki should work.


#3

OpenSPF provides a fairly spiffy (if I do say so myself) SPF Wizard. :slight_smile:


#4

I followed the instructions on the Wiki a few days ago.
Since then I think the number of bounced/rejected messages has dropped, but certainly has not dried up completely.
Correct me if I am wrong, but this would depend on how many of the ISPs receiving forged emails use SPF.


#5

Yeah, as I understand it, when you add an SPF entry (which is just a specific kind of string as a dns TXT record); you are taking measure to keep your own domain from contributing to the problem. By only allowing mail to be sent from specified domains, your mail server cannot be used by any old spammer to bounce mail along the way. So the more domains that implement it, the more effective it will become.

From the Wikipedia entry, Sender Policy Framework:

Normal SMTP allows any computer to send e-mail claiming to be from anyone. Thus, it’s easy for spammers to send e-mail from forged addresses. This makes it difficult to trace back to where the spam truly comes from, and easy for spammers to appear to be senders the receiver would ordinarily trust. Many believe that the ability for anyone to forge Return-Path addresses is a security flaw in modern SMTP, caused by an undesirable side-effect of the deprecation of source routes.

Your question actually forced me to look that up, thanks. :slight_smile:

Always learning …