On Thu, Jun 18, 2009 at 12:22:26PM -0400, Jeff Lightner wrote:
> We don't allow "all servers" to send email at all. They have to
> specifically be configured to send and relay to the Exchange server
> which itself must be configured to allow them.
>
> The domain, waterinvoice.com is not in general use but is used by one
> server (and a test server on occasion) to send automated emails to
> customers that request them. There are no users sending with that
> domain except in test scenarios.
>
> My question actually arose in response to a third party marketing
> company that is asking us to set up an SPF record for a third domain we
> purchased. The SPF record for them is fairly straight forward but it
> made me wonder if I wanted to implement SPF for internally generated
> emails which hosts should be listed.
If it has not already been mentioned, please see the furious debate over
whether SPF should ever be installed. I'm sure Google can provide
plenty of references. The choice is, of course, yours [and your
customer's].
Receiving mail servers configured with SPF will reject all mail listed
in the [easily edited] mail header from X domain that is not listed in
the SPF record for X domain. E.g., if you want all your e-mail to go to
your home-consultancy e-mail account, so you set up your laptop to use
From: j...@home-consultancy.example
but hook it up to the company mail server, and there is an SPF record
for home-consultancy.example [which you don't control] that says mail
ONLY comes from pegasus.home-consultancy.example - then any e-mail you
send via the company's mail server [which has a policy allowing this
OBTW], but sent as if from your home office, will be rejected by said
mail servers.
--
/*********************************************************************\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*********************************************************************/
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
