On 10/04/2010 09:54 AM, John Adams wrote:
Without proper SPF records your mail stands little chance of making it
through some of the larger providers, like gmail, if you are sending
in any high volume. You should be using SPF, DK, and DKIM signing.
There should really be no reason to sign with DK too. It's historic.
I don't really understand how your security company related SPF to DoS
though. They're unrelated, with the exception of backscatter.
Me either.
Mike
-j
On Mon, Oct 4, 2010 at 9:47 AM, Greg Whynott<greg.whyn...@oicr.on.ca> wrote:
A partner had a security audit done on their site. The report said they were
at risk of a DoS due to the fact they didn't have a SPF record.
I commented to his team that the SPF idea has yet to see anything near mass
deployment and of the millions of emails leaving our environment yearly, I
doubt any of them have ever been dropped due to us not having an SPF record in
our DNS. When a client's email doesn't arrive somewhere, we will hear about
it quickly, and its investigated/reported upon. I'm not opposed to
putting one in our DNS, and probably will now - for completeness/best practice
sake..
how many of you are using SPF records? Do you have an opinion on their use/non
use of?
take care,
greg
