On Wed, Oct 16, 2024 at 11:04 AM Dave Crocker <d...@dcrocker.net> wrote:
> > On 10/16/2024 10:55 AM, Brandon Long via mailop wrote: > > The most meaningful utility of SPF at the moment I think is to help > > identify DKIM replay cases. > > I have tried to track the DKIM replay discussions, but do not recall > seeing a reference to SPF's being useful for this. Can you elaborate? > The general theory is that a replay involves mail for a DKIM domain coming from different sources/hops than it normally does. Having spf/dkim both align is usually a good indication that a message is not a replay, so that can be used to protect the majority "good" traffic and have stronger rules against traffic which doesn't match. Brandon
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
