On 05/07/11 21:54, Jan Ingvoldstad wrote: > On a general basis, I recommend against using SPF, but if one "must" use > SPF, remember to NOT set it restrictively. > > That is: never, ever use "-all" or similar constructs that restrict message > handling to a few hosts, unless you are absolutely certain that messages > will NEVER exit your private/company network. > > Pain ensues if it does.
That's generally the idea of SPF though - tell the world where your email is allowed to come from, and anyone else is forging your domain can be safely dropped on the floor. I've been running SPF on all my domains for many years now (when did it come out again?) because I only allow allow emails to be sent via SMTP AUTH. I've even got most of the client domains configured this way. The only problem I've had recently was a parent company of one of my clients forwarding emails without SRS. Semi-legitimate and yet easy to fix because of the business relationship. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
