Need DNS records help for single server (and IP), and multi-domain mail server.
Reindl Harald
h.reindl at thelounge.net
Wed Aug 23 23:40:25 UTC 2017
Am 23.08.2017 um 21:58 schrieb John Miller:
> Finally, be _very_ careful about using the SPF qualifier "-all" to
> start out with. What you're saying there is that the only server
> authorized to _send_ mail for X.TLD is the one listed in the MX.
> Unless people are always logging directly into the mail server to
> send, you're better off with "~all" or "?all" to begin with
for the sake of god don't use "?all"
in that case you can skip SPF completly
why?
because a receiver can't use whitelist based on SPF because
whitelist_auth in SpamAssassin just skip a "i do not care about SPF"
record while "~all" qualifies for SPF_PASS and whitelisting while the
scoring of a SPF_SOFT_FAIL is much lower than SPF_FAIL
"?all" is the same as not have a SPF record at all in reality
and in 2017 people *have* to use the submission server which belongs to
a domain and not any random one while any random one should not allow to
send mail with a foreign envelope to start with - all that crap sevrers
shoukd be banned from the internet and spamfiltering would become so
much easier
More information about the bind-users
mailing list