[lug] SPF filtering on outbound recipient
George S.
georges at mhsoftware.com
Thu Feb 9 11:39:27 MST 2017
On 2/8/2017 4:03 PM, Jed S. Baer wrote:
> On Wed, 8 Feb 2017 15:52:54 -0700
> Zan Lynx wrote:
>
>> If the TLD does have a SPF then the SPF must list the library's mail
>> system as a valid sender. If it isn't listed as a valid sender then all
>> SPF checks (SpamAssassin and others) will believe that the email is
>> faked.
>>
>> I see the record is:
>>> cotse.net. 900 IN TXT "v=spf1 +mx
>>> ptr:packetderm.com a:out.packetderm.com ~all"
>> I don't think any of those are Jefferson County Library.
> Jefferson County Library is jeffcolibrary.org. There is an SPF record for
> them, but that's not operative here.
>
> Their domain isn't in question. They are generating e-mail to me, and
> blocking their own outbound mail, based on the recipient domain,
> jbaer.cotse.net, lacking the SPF record.
That's really novel. For several of my customers I turned off inbound
SPF checking. The problem was that someone would have an invalid SPF
record. Mail to my customer would bounce (correctly). But the sender
would just say: I can send mail to others so it must be you. The
recipient would say. I want the message.
My personal experience is that SPF can prevent Phishing attacks and the
like to some extent, but spammers will create SPF records for spam
domains. If you're weighting your spamicity scoring on the presence or
lack of SPF, you'll be disappointed at the results.
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>
--
George S.
*MH Software, Inc.*
Voice: 303 438 9585
http://www.connectdaily.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20170209/3af0ba23/attachment.html>
More information about the LUG
mailing list