[ Classification Level: PUBLIC ] DNSBL is by IP, true, but there are other forms of "SMTP blacklist" that are by domain. Getting one's domain on one or more of those lists would help avoid the impact of someone trying to use the domain to spoof malicious email. Sure, you could wait until *after* the damage is done, and then the domain might end up on one or more blacklists, but I was just musing, half humorously, on whether one could be proactive, by volunteering to be on the list(s).
The OP specifically said he wanted to *receive* mail, so I don't understand why people keep recommending a null MX. I've concurred that a "-all" SPF will help. - Kevin On Mon, Aug 19, 2019 at 8:07 PM Reindl Harald <h.rei...@thelounge.net> wrote: > > > Am 19.08.19 um 23:31 schrieb Kevin Darcy: > > [ Classification Level: PUBLIC ] > > > > MXes are for *receiving* mail of course. The request is about *sending* > > mail. > > > > Setting the SPF record to "-all" is probably about the best you can do, > > since AFAIK there is no universally-recognized way to signal "domain X > > never sends mail". > > > > Ironically, in order to prevent anyone from accepting mail purportedly > > from your domain, you might want to make yourself look as much as > > possible like SPAM or malware. > > > > Perhaps you could volunteer your domain to be added to one or more of > > the public SMTP blacklists? :-) > > DNSBL lists IP's not domains and so only you blacklist machones - that's > the worst idea whan can have when nomailspf and null-mx are the way to go > > @ IN TXT "v=spf1 -all" > @ IN MX0 . >
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users