Thanks for your reply Benny.
On 27/08/2015 20:19, Benny Pedersen wrote:
Mick skrev den 2015-08-27 15:02:
I will be pleased to read of any alternatives, if there are any.
drop sender-id, drop srs
Dropping sender-id? Do you mean leave MAIL FROM: <> blank or have I got
the wrong end of the stick and you mean modify the message headers? I'm
not sure I could, or even if I'd want to do either, but thanks for the
suggestion. I've now installed 'PostSRSd'. Should I be nervous of
reverse SRS abuse or is the cryptographic signature and a time stamp
enough to prevent this ?
use spf, sign with dkim
Yes, I use both.
monitor dmarc
https://dmarcian.com/ i can only say good things about this domain, it
have helped me on track with it all, even for domains that have there
own server problems with spf, or servers where i just managed the dns
for example.net
Fair that dmarcian.com only charge by the SPF passes and not the
failures. They have a free service too which is definitely good. I've
only touched on DMARC and wonder (at the moment) why you would need a
service like that? My limited understanding is ; you publish a DMARC
DNS text record with email address, then service providers email that
address in the event of a rejection? I've probably got that all wrong.
Something else to read up on as it's my next project.
if all the above is not possible stop forwarding
Yes, that is an option that I have considered.
Best Regards,
Mick.
