On Tue, 2013-12-31 at 18:35 +0000, Walter Hurry wrote: > Does that indicate that it's all working properly, or should I be looking > for something else? > Personally, I'm not convinced that SPF is much use for detecting spam.
What it *is* good for, though, is preventing backscatter. What an SPF record does is publish the IPs that are valid recipients of mail sent to a domain. Spammers don't need or use this info because they're going to send mail to your domain (someb...@example.com) anyway. Where it comes in useful is when a third party's MTA wants to bounce mail it received for an unknown user. If its being well behaved, before it bounces the message it will check for an SPF record at the message sender's domain and, if there is one, check the IP in the From: header against it. If the IP doesn't match a valid IP in the SPF record it knows that the sender was forged and that nothing will be achieved by sending a bounce message. The result: if you set up an SPF you won't get backscatter (spam with your address forged and used as the sender). If you haven't created and validated an SPF record for your domain, I recommend that you do so. There are useful tools these tasks here: http://www.kitterman.com/spf/validate.html Martin
