Martin Gregorie wrote:
On Wed, 2008-04-02 at 10:08, Justin Mason wrote:
John Hardin writes:
On Tue, 1 Apr 2008, William Terry wrote:
Is there anything I can do to mitigate this?
Do you publish SPF records?
Logically this should have an effect, but in real-world terms, it doesn't.
So don't worry about it.
SPF has worked well for me, but it has to be set up right.
Use http://www.kitterman.com/spf/validate.html to define and test your
SPF record.
no tuning on your side will help solving problems at the other side. For
example, I found that hotmail cache the value and if you add an
authroized MTA, it won't be accepted (hotmail silently discarded mail
from the new MTA, so I had to relay hotmail mail using the old MTA). I
suspect there are other brokerage out there, and this doesn't encourage
me to setup SPF records anymore...
Problems are better solved at the source. we hope that misconfigured
sites will be informed and will fix their setup. If not, blacklisting
seems to be the only way (as even filtering isn't effective since some
NDRs do not contain enough information).
Anyone knows if backscatterer.org list is safe? If so, one can reject
mail if the envelope sender is empty and the client is listed there.
