Re: spf record
According to Stephen Gran,
> This one time, at band camp, Marek Podmaka said:
> > Hello Michael,
> >
> > Saturday, January 21, 2006, 23:09:28, Michael Loftis wrote:
> >
> > ML> Have you even looked at AOLs SPF record? notice the ?all at the end? The
> > ML> net result of that is that even with systems using SPF it's a 0 change,
> > ML> except for yet another dns lookup. AOL knows that if they removed the ?all
> > ML> tag from the end they'd break a LOT of accounts using aol and sending to
> > ML> places implementing SPF. So SPF doesn't really help AOL either.
> >
> > Interesting discussion about SPF... There are actually 2 things to
> > think about - one is implementing SPF on DNS for our domains and the
> > other is using SPF to limit "bad" incoming mail. In my opinion the
> > second one has only advantages. So I would like to ask what do you
> > recommend? Integrate it in postfix somehow? Or is it enough to turn
> > on SPF checking in SpamAssassin? How?
>
> As mentioned, SPF breaks forwarded mail. If you are absolutely
> confident that your users will never receive legitmate mail through a
> forwarder with a return address in a domain that does not have an spf
> all record, feel free to reject it at smtp time. If not, I would just
> use SA checks. To enable it in 3.1, you add or uncomment this bit in
> /etc/spamassassin/init.pre:
>
> loadplugin Mail::SpamAssassin::Plugin::SPF
I concur with that and I believe that is the default for
spamassassin installed from the debian package.
TG
Reply to: