Hi Indunil, On 2016-05-30 Mon 08:47 AM |, Indunil Jayasooriya wrote: > > Waiting your INPUTS. >
There is an SPF help mailing list, see http://www.OpenSPF.Org/Forums Most of your questions can be answered from http://www.OpenSPF.Org/ *) FAQ *) Best Practices *) Record Syntax *) testing tools See also: http://www.zytrax.com/books/dns/ch9/spf.html?pf=yes *NOTE*: When a domain publishes an SPF FAIL policy, SPF breaks plain message forwarding. (MX backup, MTA forwarding, ~/.forward, procmail/sieve forwarding). https://en.wikipedia.org/wiki/Sender_Policy_Framework#FAIL_and_forwarding http://www.openspf.org/Best_Practices/Checking_at_border_MTAs '... only the initial ("border") MTA can check SPF status of a message. Otherwise the internal MTA would see the incoming connection coming from the border MTA.' http://wiki.junkemailfilter.com/index.php/Email_Server_Setup_Tips#SPF_Records http://david.woodhou.se/why-not-spf.html http://wiki.junkemailfilter.com/index.php/Bounced_Email#SPF_is_hopelessly_broken_and_needs_to_die.21 http://wiki.junkemailfilter.com/index.php/SPF_-_Sender_Policy_Framework_-_is_broken_and_must_Die http://www.onlamp.com/pub/a/bsd/2004/10/28/openbsd_3_6.html?page=3 Bob Beck: "What's my conclusion? SPF and caller ID does 2 things, which I would do if I were writing spam software: 1. Encourages spammers to publish SPF records (and they have). The biggest SPF adopters I see are spammers. 2. Encourages spammers not to spam from SPF-publishing addresses. (And don't forget, this is what AOL and MSN *really* care about.)" 2004: http://www.theregister.co.uk/2004/09/03/email_authentication_spam/ "34% more spam is passing SPF checks than legitimate email because spammers are actively registering their SPF records. .... useful in curtailing spoofing and phishing attacks" Cheers, -- Craig Skinner | http://linkd.in/yGqkv7
