[130467] in North American Network Operators' Group
Re: do you use SPF TXT RRs? (RFC4408)
daemon@ATHENA.MIT.EDU (John Adams)
Mon Oct 4 12:56:14 2010
In-Reply-To: <9C9322AB-CB58-405A-ADA5-A74B2238A2B3@oicr.on.ca>
Date: Mon, 4 Oct 2010 09:54:22 -0700
From: John Adams <jna@retina.net>
To: Greg Whynott <Greg.Whynott@oicr.on.ca>
Cc: "nanog@nanog.org list" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Without proper SPF records your mail stands little chance of making it
through some of the larger providers, like gmail, if you are sending
in any high volume. You should be using SPF, DK, and DKIM signing.
I don't really understand how your security company related SPF to DoS
though. They're unrelated, with the exception of backscatter.
-j
On Mon, Oct 4, 2010 at 9:47 AM, Greg Whynott <Greg.Whynott@oicr.on.ca> wrot=
e:
>
> A partner had a security audit done on their site. =A0The report said the=
y were at risk of a DoS due to the fact they didn't have a SPF record.
>
> I commented to his team that the SPF idea has yet to see anything near ma=
ss deployment and of the millions of emails leaving our environment yearly,=
=A0I doubt any of them have ever been dropped due to us not having an SPF =
record in our DNS. =A0When a client's email doesn't arrive somewhere, =A0we=
will hear about it quickly, =A0and its investigated/reported upon. =A0 =A0=
=A0I'm not opposed to putting one in our DNS, =A0and probably will now - f=
or completeness/best practice sake..
>
>
> how many of you are using SPF records? =A0Do you have an opinion on their=
use/non use of?
>
> take care,
> greg
>
>
>
>
>
>
>
