[Cadre-politics] SPF and MAILER-DAEMON backscatter
Dan MacNeil
omacneil at cs.uml.edu
Sat Jun 3 10:57:49 EDT 2006
SPF or Sender Permitted Framework is a spec for DNS TXT records that says
what mail servers are allowed to send email on your behalf.
For example
earth.cs.uml.edu is authorized to send mail for
the cs.uml.edu domain
and:
spankme.monkeyboy.spam.ro
...is not.
The advantages for us are:
people checking SPF record (like the CSL) won't accept and
backscatter/bounce spam/virus/phish from us.
Verizon, AOL, Comcast, Joe's ISP of Spanish Fork UT
will all be less like to score our mail as SPAM
We can join the tens of thousands in the in crowd.
I know the #2 is true because of chatter on the anti-spam listservs
and because verizon asked "are you using SPF?" when I went to get one
of our IP# de-blacklisted. (thanks Gregg)
The disadvantages are:
We need to setup SMTP AUTH on a box and have people
send their mail through that box.
sites like hallmark.com that send mail on behalf of people will break.
There are more details at:
http://openspf.org/
As part of our improved SPAM filtering, I figure to implement SPF for the
thecsl.org, brave.cs.uml.edu and the lists.*.org domains we maintain this
summer. (We @CSL are already using SPF info published by other people to
filter SPAM)
As a side benefit we can lop a few % off the tech support calls. "use
smtp.thecsl.org for your outgoing server is easier than "use your ISP's
smtp server, it's probably something like smtp.comcast.net "
--
More information about the Cadre-politics
mailing list