On 08/23/2017 01:58 PM, John Miller wrote:
Finally, be _very_ careful about using the SPF qualifier "-all" to start out with. What you're saying there is that the only server authorized to _send_ mail for X.TLD is the one listed in the MX. Unless people are always logging directly into the mail server to send, you're better off with "~all" or "?all" to begin with.
I agree that ~all or ?all is good advice for existing domains. I would personally try to use -all for new domains from the word go.Band new domains give you the unique opportunity of doing things correctly without any legacy ... cruft ... to support / be compatible with.
So if you want to end up with a -all, I'd suggest starting with it. -- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
