On Oct 4, 2010, at 10:16 AM, Michael Thomas wrote:
On 10/04/2010 10:05 AM, John Adams wrote:
We've seen percentage gains when signing with DK, and we carefully monitor our mail acceptance percentages with ReturnPath. It's around 4-6%. I'd like to stop using it, but some people still check DK.
Sigh. I was hoping not to hear that. It's been about 5 years since the issue of rfc4871. It might be helpful to name and shame.
Mike
At least in that case, the spammer has to have control of the sending domain. SPF is not intended to protect from that case. It is intended to protect from the case where spammers Joe-job domains they can't control. Removing a few points probably isn't a bad idea so long as you have a list of domains for which points should be added. Owen
-j
On Mon, Oct 4, 2010 at 10:02 AM, Michael Thomas<mike@mtcc.com> wrote:
On 10/04/2010 09:54 AM, John Adams wrote:
Without proper SPF records your mail stands little chance of making it through some of the larger providers, like gmail, if you are sending in any high volume. You should be using SPF, DK, and DKIM signing.
There should really be no reason to sign with DK too. It's historic.
I don't really understand how your security company related SPF to DoS though. They're unrelated, with the exception of backscatter.
Me either.
Mike
-j
On Mon, Oct 4, 2010 at 9:47 AM, Greg Whynott<Greg.Whynott@oicr.on.ca> wrote:
A partner had a security audit done on their site. The report said they were at risk of a DoS due to the fact they didn't have a SPF record.
I commented to his team that the SPF idea has yet to see anything near mass deployment and of the millions of emails leaving our environment yearly, I doubt any of them have ever been dropped due to us not having an SPF record in our DNS. When a client's email doesn't arrive somewhere, we will hear about it quickly, and its investigated/reported upon. I'm not opposed to putting one in our DNS, and probably will now - for completeness/best practice sake..
how many of you are using SPF records? Do you have an opinion on their use/non use of?
take care, greg