[130472] in North American Network Operators' Group
Re: do you use SPF TXT RRs? (RFC4408)
daemon@ATHENA.MIT.EDU (bmanning@vacation.karoshi.com)
Mon Oct 4 13:08:45 2010
Date: Mon, 4 Oct 2010 17:04:28 +0000
From: bmanning@vacation.karoshi.com
To: Greg Whynott <Greg.Whynott@oicr.on.ca>
In-Reply-To: <9C9322AB-CB58-405A-ADA5-A74B2238A2B3@oicr.on.ca>
Cc: "nanog@nanog.org list" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mon, Oct 04, 2010 at 12:47:52PM -0400, Greg Whynott wrote:
>
> A partner had a security audit done on their site. The report said they were at risk of a DoS due to the fact they didn't have a SPF record.
that does not follow at all.
>
> I commented to his team that the SPF idea has yet to see anything near mass deployment and of the millions of emails leaving our environment yearly, I doubt any of them have ever been dropped due to us not having an SPF record in our DNS. When a client's email doesn't arrive somewhere, we will hear about it quickly, and its investigated/reported upon. I'm not opposed to putting one in our DNS, and probably will now - for completeness/best practice sake..
>
>
> how many of you are using SPF records? Do you have an opinion on their use/non use of?
I don't use them.
--bill
>
> take care,
> greg
>
>
>
>
>
>
