On Thursday, February 04, 2016 07:41:44 PM Reindl Harald wrote: > which people don't know this? > admins? > don't maintain services then! > > users? > > just use the SMTP server your mailprovider tells you and no other one > and for smtp-admins: just don't accept enevlope senders for which you > would not accept incoming mail > > that is as easy as something can be >
Yeah, it's really really not. I'm in a 50 person company and we have our internal mail server, 3 different ESPs sending mail on our behalf for diffferent applications, Google calendar sending on our behalf, and 2 different SAAS customer service platforms sending as us. I can't even imagine how many different sources a large company has. And SPF doesn't do anything about the only part of the message the users care about, the message headers. In any event, SPF is legacy. DKIM and DMARC are the present and near future of mail services. DMARC uses SPF only as a fallback for broken or missing DKIM signatures.
