Hello, Do I dare comment on this? Okay, I do...
RE: Advogato: If security was easy and conveinent, then everything would be secure. Someone tell Advogato! Advogato is complaining because they want an unmanagable environment of dynamic outbound relays and expect SPF, static DNS records, to keep up. Solution: SPF has syntax in place to suggest to the destination MTA that email might come from other sources. Or, just don't use SPF because it will not work in such an enivornment. Friends don't let friend forward email -- with or without SPF, but that's another story. Either way, nothing is wrong with SPF and Advogato needs to stop complaining about it when he/she is setting SPF up to fail. RE: Circlied: Yes yes yes. Welcome to real life. Jerks will be jerks and there's nothing to stop them from calling/emailing/FAXing scams to the world be abusing the same methods honest folks sue. SPF is not here to solve everything. SPF add another layer abuse prevention. No one should blindly accept email just because it passes SPF checks. I feel for any email users for a system configure as such - yuck! Solution: Use all email best practices, including filters, RBLs, monitoring logs, PTR checks, user complaints, etc., and SPF as appropriate for the administrator's environment. None of this is an attack on you, Jeff, and I would hope you realize that but I want to mention it to be sure. I realize you are sharing info on other view points and I appreciate that. In light of this, I had to share mine. Summary: SPF may, or may not, work in all environments. Everyone needs to decide on his/her own, but there's nothing wrong with SPF. Thanks. ----- Original Message ---- From: Jeff Lightner <jlight...@water.com> To: Mike Bernhardt <bernha...@bart.gov>; Matus UHLAR - fantomas <uh...@fantomas.sk>; bind-users@lists.isc.org Sent: Friday, June 19, 2009 12:41:50 PM Subject: RE: SPF/TXT records Or moreover not to bother with SPF at all as suggested in these documents?: Why you shouldn't jump on the SPF bandwagon: http://www.advogato.org/article/816.html How spammers get around SPF: http://www.circleid.com/posts/782012_spammer_get_around_spf/ -----Original Message----- From: bind-users-boun...@lists.isc.org [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Mike Bernhardt Sent: Friday, June 19, 2009 12:37 PM To: 'Matus UHLAR - fantomas'; bind-users@lists.isc.org Subject: RE: SPF/TXT records So is the general recommendation in this group to NOT implement an empty SPF2.0 record (i.e., "spf2.0/pra") just in case, as recommended in the 5-year-old openspf document referenced below? -----Original Message----- From: Matus UHLAR - fantomas [mailto:uh...@fantomas.sk] Sent: Friday, June 19, 2009 12:31 AM To: bind-users@lists.isc.org Subject: Re: SPF/TXT records On 18.06.09 16:22, Jeffrey Collyer wrote: > M$ has their own take on SPF called Sender ID, which uses a very similar > record - > > "v=spf2.0" rather than "v=spf1" > > so be sure to read up on them both before publishing records for one or > the other. It has downfalls so I recommend not even studying it, just remember that "spf2" is some M$ crap... v=spf1 is just enough for now. > http://www.openspf.org/SPF_vs_Sender_ID > > Hotmail in particular is picky about what it rejects and why. Yes, hotmail uses to reject mail for many strange reasons. But I don't recommend playing with spf2 just to get mail to hotmail, I think there are better ways to get your mail anywhere. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. My mind is like a steel trap - rusty and illegal in 37 states. _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users Please consider our environment before printing this e-mail or attachments. ---------------------------------- CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. ---------------------------------- _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
