Yes, it basically states that as long as you are sending with the proper DKIM and SPF what the mail server should do. If it not, then you can tell it to reject.
Dennis Burgess, Mikrotik Certified Trainer Author of "Learn RouterOS- Second Edition” Link Technologies, Inc -- Mikrotik & WISP Support Services Office: 314-735-0270 Website: http://www.linktechs.net<http://www.linktechs.net/> Create Wireless Coverage’s with www.towercoverage.com From: AF <[email protected]> On Behalf Of Steve Jones Sent: Wednesday, November 14, 2018 9:20 AM To: AnimalFarm Microwave Users Group <[email protected]> Subject: Re: [AFMUG] dkim dmarc implementation yes, just relaying emails without having to actually sent up authentication to the email server. nothing more fun than 30 devices that authenticate to a mailserver and doing a password change. so i just open relay through an on network server, no authentication. Same thing with powercode outbound emails, no authentication to our mailserver, just SPF policy. Does Dmarc allow me to allow authorized hosts that are present in SPF? On Wed, Nov 14, 2018 at 9:13 AM Dennis Burgess via AF <[email protected]<mailto:[email protected]>> wrote: Depends on what you are doing. If you are relaying SMTP traffic after scanning it, not really of any one domain, then no that won’t work. My assumption though is that you are doing this for a company that has devices etc. and you need to relay e-mails. My recommendation is that you install your dkim, setup your SFP as well as implement DMARC, this would effectively prevent spoofing of your domain. Assuming that is what you are doing. Note that everyone should be looking at dmarc, dkim and spf to validate emails. ☺ Dennis Burgess, Mikrotik Certified Trainer Author of "Learn RouterOS- Second Edition” Link Technologies, Inc -- Mikrotik & WISP Support Services Office: 314-735-0270 Website: http://www.linktechs.net<http://www.linktechs.net/> Create Wireless Coverage’s with www.towercoverage.com<http://www.towercoverage.com> From: AF <[email protected]<mailto:[email protected]>> On Behalf Of Steve Jones Sent: Wednesday, November 14, 2018 9:00 AM To: AnimalFarm Microwave Users Group <[email protected]<mailto:[email protected]>> Subject: [AFMUG] dkim dmarc implementation On alot of the networks we manage, we set up an smtp relay locally on the network for thinks like scan to email (alot of scanners and printers that were older didnt have authentication) and other notification/alert sending devices. The relay is IP restricted. We used IP SPF to allow the sending. We also did SPF to allow things like webservers to send on behalf of. If we implement dkim, will that require that the signature be attached to ALL domain emails, or will SPF still be functional for the relays and whatnot through dmarc rules? -- AF mailing list [email protected]<mailto:[email protected]> http://af.afmug.com/mailman/listinfo/af_af.afmug.com
-- AF mailing list [email protected] http://af.afmug.com/mailman/listinfo/af_af.afmug.com
