On 2015-04-29 10:03, Dave M wrote:
What test to confirm the SPF records ?
There are some good tools at:
http://www.kitterman.com/spf/validate.html
Incidentally, don't expect too much from SPF. There are plenty of
services (Yahoo!, I'm looking at you) which will happily try to deliver
spam even when your SPF record indicates that the sender can't possibly
be a legitimate sender. And they will also send all the non-delivery
reports straight to the forged address in the 'From' line.
Some Russian watches'n'pills spammers regularly forge the 'admin@'
addresses of a couple of my domains in the 'From' lines of their spams,
and each time they do, I get a metric ton of backscatter.
However, I suspect that the spammers _do_ pay attention to SPF records.
The domains that the Russians have picked to abuse originally had more
permissive SPF settings; domains that have more restrictive settings
don't get abused this way. So it's probably worth getting the correct
settings right when you first set up a domain, just to make sure they
don't add you to their 'forge-this-domain-for-the-rest-of-time' lists.
Angus
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com