Slashdot Mirror

← Back to Stories (view on slashdot.org)

Are You Using SPF Records?

Posted by timothy on from the spf-50-should-be-enough dept.

gravyface writes "I've been setting up proper Sender Policy Framework records for all my clients for past year or so, hoping to either maintain or improve their 'reputation' in the email universe. However, there's a lot of IT admins I speak with who either haven't heard of SPF records or haven't bothered setting them up. How many of you are using SPF records for your mail domains? Does it help? How many anti-spam vendors out there use SPF records as part of their 'scorecard'?"

4 of 263 comments (clear)

  1. I use them, but mainly for deniability by e9th · · Score: 2, Insightful

    My SPF records have gotten me un-blacklisted a few times, after I've pointed out that those machines in Brazil weren't authorized to send email from my domains. But I think DomainKeys, DKIM, etc. will make eventually make SPF unnecessary.

  2. Yes by S-100 · · Score: 2, Insightful

    Yes, I used SPF records on all the domains that I host that have email accounts. SPF records I believe have cut way down on backscatter. Before SPF, accounts would get dozens to hundreds of bounces when their email address was forged as the reply-to address in spam. Now the backscatter is almost completely gone.

    But I can tell that Hotmail still ignores SPF since almost all the backscatter that still comes through is from Hotmail. They should know better.

    Having valid SPF records also helps outgoing mail get through. I would frequently have to deal with large ISPs that would flag my mail or my domain as a spam source, based on their misinterpretation of forged headers. But since I have SPF records in place, this has not happened. I also check incoming SPF. If the SPF check fails, the mail is dumped. If SPF passes or there's no SPF, it goes through. Works great as one step in spam control.

  3. Re:Use DomainKeys.. by NormalVisual · · Score: 4, Insightful

    Yahoo, Gmail, MSN/Hotmail, and AOL pretty much require that you have DomainKeys implemented if you want to email their users

    I don't have DomainKeys set up, and I've never had any difficulty getting mail to users of any of those services.

    --
    Please stand clear of the doors, por favor mantenganse alejado de las puertas
  4. Re:yes by Snover · · Score: 4, Insightful

    Read again.

    Spammers can’t use his domain to forge spam, because SPF-aware mail servers reject it. Hence, he doesn’t have to deal with tons of bounces, spam warnings, virus warnings, etc..

    --

    [insert witty comment here]