Reading the Internet and looking at actual public DNS records and email
headers, there seem to be disagreements regarding the usage of things
like DMARC/DKIM/SPF. Some discussions are sometimes old (like 2014) and
have not been rediscussed recently.

So far, I identified the followings:
- MUST: have a proper Reverse DNS
- MUST: have a proper HELO/EHLO value (matching DNS)
- MAY:  have SPF configured to announce official MTA
- MAY:  have DKIM configured to sign outgoing emails
- MAY:  have DMARC set with p=none             // many MTA won't check
- DONT: have DMARC set with p=(quarantine|reject)  // may break things

What would be the recommandations from the OpenSMTPD project as of 2019
when one want to setup an MTA? Are those MUST/MAY/DONT correct? Are
there more things to add to this checklist?

Thank you.

You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Reply via email to