Thanks for your help, we will check the solutions and let you know. Have a great day.
Saludos. Ing. Alfonso Alejandro Reyes Jiménez Analista del sector Gobierno E-mail: aare...@scitum.com.mx Telefono: 91 50 74 00 ext. 7489 Movil: (044) 55 52 98 34 82 La información contenida en el presente correo es confidencial y para uso exclusivo de la persona o institución a que se refiere. Si usted no es el receptor deliberado es ilegal cualquier distribución, divulgación, reproducción, completa o parcial, aprovechamiento, uso o cualquier otra acción relativa a ella. Por favor notifique al emisor e inmediatamente bórrela de forma permanente de cualquier computadora en la que resida y en caso de existir, destruya cualquier copia impresa. -----Mensaje original----- De: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] En nombre de James Gray Enviado el: martes, 05 de octubre de 2010 09:34 p.m. Para: postfix-users@postfix.org Asunto: Re: ..::Spoofing Issues::.. On 06/10/2010, at 12:17 PM, John Peach wrote: > On Wed, 6 Oct 2010 12:13:25 +1100 > James Gray <ja...@gray.net.au> wrote: > >> >> On 06/10/2010, at 9:37 AM, Noel Butler wrote: >> >>> On Tue, 2010-10-05 at 23:46 +0200, mouss wrote: >>>> Le 04/10/2010 23:03, Terry Gilsenan a écrit : >>>>> Configure postfix to use SPF, and setup an SPF record in DNS for that >>>>> domain. >>>>> >>>> >>>> then what? you reject mail because of spf fail? that would lead to false >>>> positives... >>>> >>>> >>> >>> We've used it for years, had very little complaints, maybe half a dozen in >>> all that time. >>> SPF is a "must use" IMHO, and by use of "-all" ... providing you >>> configure your DNS correctly. >> >> ...and then a user puts in a .forward file (or equivalent) to send mail to >> another address. Now SPF if broken on the forwarded account as your mail >> server very likely doesn't have an SPF record for the original sender. >> Ooops - SPF is broken in these situations and therefore can't be used to >> arbitrarily reject messages on SPF failures. The best it can do is be added >> as a heuristic to an overall message evaluation (spamassassin et al). > > We neither publish nor use SPF records; broken by design. Hi John, Agreed - sorry about the wording in my previous. I didn't want it to sound like "your" mail system specifically. No offence intended. Cheers, James
