Marc Perkel wrote: > I disagree. SPF is a broken technology and no one should use it. It does > nothing to prevent spam and it creates false positives. It breaks email > forwarding. > > The biggest thing you can do you reduce sender forgery is to eliminate > wildcard domains and reject invalid users at connect time. Forgers like > to spoof domains that will pass anything when queried with sender > verification.
SPF works well for the domains I look after, though I do agree that it is unsuitable where forwarding is needed. It shouldn't be forgotten that SPF has two aspects, one where you identify the points where email can be sent from and the second where this information is used to block incoming mail. If I only used SPF to block mail I would find that many domains already use SPF and this removes much spam; as I also have SPF records to identify where mail is sent from I have found that it completely eliminates spam sent to users from themselves and has eliminated many of the attacks that I used to have to deal with. Best, Alan > > [EMAIL PROTECTED] wrote: >> Check out SPF - Sender Policy Framework: >> >> http://www.openspf.org/ >> >> Exim has some configuration options you need to set when you build exim to >> enable spf. >> >> Dan >> >> >> >> Sent by: [EMAIL PROTECTED] >> To: [email protected] >> cc: (bcc: Dan Mitton/YD/RWDOE) >> Subject: [exim] Preventing Sender Forgery . >> LSN: Not Relevant >> User Filed as: Not a Record >> >> Hi all , >> >> How can I prevent Sender Forgery for my server. Alot of people in my >> company are getting e-mails from themselves. Any Ideas will be greatly >> appreciated. >> >> Best Regards, >> >> Jeremy >> >> > -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
