In addition to Vladimir's post, M3AAWG just published an SPF best practices
paper that might be useful:
https://www.m3aawg.org/sites/default/files/m3aawg_managing-spf_records-2017-08.pdf
Seth
On Thu, Oct 12, 2017 at 1:00 PM, Pete Holzmann via dmarc-discuss <
dmarc-discuss@dmarc.org> wrote:
>
Vladimir,
Thanks for that article. You did cover all of the issues I've seen to date...
including one I
saw just this morning for the first time!
An organization's SPF has:
v=spf1 mx include:smtproutes.com include:smtpout.com ~all
include:spf.protection.outlook.com -all
This is a pretty common practice for domains that people own for brand
protection as well - a0l.com has a -all SPF, p=reject DMARC policy, and no
MX.
On Thu, Oct 12, 2017 at 1:22 AM, Pete Holzmann via dmarc-discuss <
dmarc-discuss@dmarc.org> wrote:
> Awesome! Thank you SO much :)
>
> On 12 Oct