cancel
Showing results for 
Search instead for 
Did you mean: 

SPF: Sender Policy Framework

N/A

SPF: Sender Policy Framework

Are PN going to introduce SPF?
8 REPLIES
Community Veteran
Posts: 14,469
Registered: 30-07-2007

SPF: Sender Policy Framework

There are no plans for this as far as I know.

This has been suggested several times over the past few years.
albany
Grafter
Posts: 72
Registered: 18-08-2007

SPF: Sender Policy Framework

Please can we have this or at least an updated list of relay.plus.net IPs so that we can add our own lisitng the plus net outbound relays.

I'm getting about 1 bounce message every 2 minutes at the moment because someone is spamming using my domain as reply address. Evil

Exchange 2003 is now configured by default to repspect SPF records I beleive. That should get some crtical mass going.
Community Veteran
Posts: 14,469
Registered: 30-07-2007

SPF: Sender Policy Framework

This idea has already been entered into PUGIT - details on PUGIT here.

Other members can vote on it so PN are made aware of what issues people want the most.

[changed as it has already been added]
albany
Grafter
Posts: 72
Registered: 18-08-2007

SPF: Sender Policy Framework

Thanks. I'll go and vote.
N/A

SPF: Sender Policy Framework

Quote
Please can we have this or at least an updated list of relay.plus.net IPs so that we can add our own lisitng the plus net outbound relays.

I'm getting about 1 bounce message every 2 minutes at the moment because someone is spamming using my domain as reply address. Evil

Exchange 2003 is now configured by default to repspect SPF records I beleive. That should get some crtical mass going.


Exchange 2003 is not configured by default for doing SPF. SPF also has issues of its own.

What really needs to happen is reverse MX which is kind of the same but a little different. Or th epublic / private keys method. Either way its impossible to validate the source of an email.
N/A

SPF

tip, buy your own domain and outsource your DNS they should have the option to add TXT records which is SPF, personally i use my own DNS servers and add SPF that way but really it's far from fullproof something like GFI Mail Essentials is needed we use it on all our exchange servers.
albany
Grafter
Posts: 72
Registered: 18-08-2007

Only OK if you don't relay via PlusNet

Hosting DNS outside PlusNet still leaves the problem of identifying which servers are used when relaying via PlusNet. If PlusNet had an SPF record, the include statement can be used. Otherwise, you are into horrors like the ptr record or broad-brush IP address ranges.
N/A

Re: Only OK if you don't relay via PlusNet

Quote
Hosting DNS outside PlusNet still leaves the problem of identifying which servers are used when relaying via PlusNet. If PlusNet had an SPF record, the include statement can be used. Otherwise, you are into horrors like the ptr record or broad-brush IP address ranges.


It can also be the case of when a large isp like plusnet gets blacklisted that they move the outbound mail server to a different subnet to get around the blacklisting.

This does of course break all SPF records. I have looked at SPF. There just isnt enough people using it. It also has some problems and alot of people will not use it because of this problem. Its the same as anything else you need a massive adoption of the framework before it really starts to work properly. Where as they need to fix the smtp protocol to be able to id the sending mail server via a public key shared by dns or the likes for a system like this to really work properly. eg the message is signed when sent by the client or border mail server and then can be checked by any other mail server the email passes though. If it doesnt match any of the keys in the dns it can reject it because it didnt come from a correct source.