On Thu, Aug 16, 2012 at 4:54 PM, John Shaver <[email protected]> wrote: > On Thu, Aug 16, 2012 at 4:09 PM, Merrill Oveson <[email protected]> wrote: >> Pluggers: >> >> >> Pretend we are xyz company. So my email is [email protected]. xyz >> email is hosted thru gmail. >> >> Some of our users got an email from [email protected]. >> Now our support team never send the email. It's obvious spam. >> >> The question is: If we flag the email as spam, are you flagging >> [email protected] as spam, >> or is gmail smart enough to know to flag the sent from ip address? > > This is called email spoofing. If wanted to, I could send you an > email as [email protected] and it would come through fine. If they > flag it as spam, then, in most spam systems, it will affect legitimate > emails from the same email address. > > The most common defense I've seen people try to use for this is SPF > records. You can specify SPF information in your DNS TXT records that > specify which servers are allowed to send out mail from your domain. > Unfortunately, people don't always send email out through your SMTP > server. When they are away from the office, they may want to send > mail from their home connection and their ISP may require them to send > out mail via their SMTP server and block ports otherwise (this is very > common among the big ISPs). This means that legitimate mail will be > flagged due to SPF records. I see very few large companies using > solid SPF records on their domain for this reason. Most are just set > to flag, but not deny mail from other servers. > > The other issue is that many mail servers do not even check SPF > records and aren't required to, although I think most do. > > >> It drives me crazy that gmail doesn't show the full headers. > > > Even if you showed full headers, it would be very difficult to know > who the mail actually came from and if it was legitamate if you don't > know how to read email headers and see what servers we can confirm > they went to (gmails servers only know which server handed them the > mail, any other relays could be faked in the headers). > > More info on email spoofing: > > http://en.wikipedia.org/wiki/E-mail_spoofing > > and Sender Policy Framework: > > http://en.wikipedia.org/wiki/Sender_Policy_Framework > > -John Shaver > > /* > PLUG: http://plug.org, #utah on irc.freenode.net > Unsubscribe: http://plug.org/mailman/options/plug > Don't fear the penguin. > */
Thanks for the responses... Yeah, I have an spf1 record in my DNS for our domain. I guess gmail didn't bother to read it, or it's set up wrong. ? ie.: v=spf1 a mx ?all Or does gmail require a special spf1 record setup in their DNS? /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
