Hi! On Thu, 26 Oct 2006, Alin Nastac wrote: > Facts: > a) current SPF TXT record of our domain is "v=spf1 mx ptr ?all" > b) I use my own MTA to send my @g.o messages. > c) Probably I am not the only one who does that
d) I've just spent nearly an hour to debug an error that resulted from an overly-zealous MX admin thinking it'd be nice to also check the Header-From: against SPF, breaking several mailinglists in the process. > Conclusion: > The proper TXT record for our domain would be "v=spf1 +all", which > translates (according to http://new.openspf.org/SPF_Record_Syntax ) as > "the domain owner thinks that SPF is useless". And it really is useless, > at the very least for our widespread organization. For me the proper conclusion is: don't ever implement SPF for your own domains. It wreaks all sorts of nasty havoc, including, but not limited to, broken mailing lists and forwards. Regards, a slightly pissed off Tobias -- Never touch a burning system. -- gentoo-dev@gentoo.org mailing list