Need DNS records help for single server (and IP), and multi-domain mail server.
Grant Taylor
bind-users at gtaylor.tnetconsulting.net
Thu Aug 24 03:03:02 UTC 2017
On 08/23/2017 08:26 PM, John Levine wrote:
> Only if you want your mail to mysteriously disappear. There are a lot
> of perfectly legitimate ways to send and route mail that SPF cannot
> describe. Unless your name is Paypal or you are otherwise a giant
> phish target, -all is not want you want.
Yes, there are a number of ways that SPF's -all can bite you if you're
not aware of them and / or don't account for them.
I've been using SPF's -all for about 10 years and have had extremely few
problems because of it.
I've had FAR (multiple orders of magnitude) more problems with other
people breaking their SPF record and not able to send me email because
my SPF filter honored what they published.
Despite the potential gotchas, I still believe that enabling SPF's -all
from the get go is a LOT easier than trying to retroactively enable it
after things are already in place.
--
Grant. . . .
unix || die
More information about the bind-users
mailing list