I don't think you should block however: -IPv4 rate limit if the email is not authenticated (pass SPF or DKIM) -IPv6 reject email if it is not authenticated (pass SPF or DKIM)
On Wed, Aug 17, 2016 at 12:23 PM, Michelle Sullivan <miche...@sorbs.net> wrote: > Brandon Long via mailop wrote: > >> If your mail server doesn't expect to get forwarded mail, I can see using >> SPF like that. >> >> If you do expect to get forwarded mail, then it seems likely to cause >> more false positives than it's worth. >> >> > I don't see that... Renaud just quoted https://www.iplocation.net/ema > il-delivery-problems "Many mail servers refuse to accept emails from an > IP address without SPF record" not that the SPF record should be > restrictive when it comes to forwarded mail.... remembering the SPF is just > to identify the places where a domains email may originate and whether the > set policy is to be enforced or just used for information. SPF doesn't > stop forwarded email unless configured to do so... and not forgetting we're > talking about where you're sending to, not about you receiving in this > context. Ie I may choose not to accept email from domains without SPF, if > google.com doesn't have an SPF record it would just stop you sending to > me, if you put in a +all or ?all record into google.com's DNS I would > accept your email... > > Regards, > > -- > Michelle Sullivan > http://www.mhix.org/ > > > > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop >
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
