[120305] in North American Network Operators' Group
Re: DNS question, null MX records *summary of on list and off list
daemon@ATHENA.MIT.EDU (Phil Vandry)
Tue Dec 15 22:15:03 2009
Date: Tue, 15 Dec 2009 22:14:10 -0500
From: Phil Vandry <vandry@TZoNE.ORG>
To: Eric J Esslinger <eesslinger@fpu-tn.com>
In-Reply-To: <D2D37F15EBBD524693E9F3CB32D02080DA9FE828@exchange.corp.fpu-tn.com>
Cc: "'nanog@nanog.org'" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, 15 Dec 2009 11:51:29 -0600, Eric J Esslinger wrote:
> B. Set spf -all, for those who bother to check that to stop inbound
> mail from your domain.
You might as well also add a DKIM ADSP policy with "dkim=discardable".
Similar to your SPF policy, it announces that no unsigned mail (or
no mail at all in your case) should come from this domain. But DKIM
does not suffer from the problems SPF causes with email forwarding
(see recent NANOG thread on that topic).
-Phil
