Re: SPF Record ...

From: "Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org>
To: Magnus Hagander <mha(at)sollentuna(dot)net>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-www(at)postgresql(dot)org
Cc: "Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org>, pgsql-core(at)postgresql(dot)org
Subject: Re: SPF Record ...
Date: 2006-11-17 13:16:40
Message-ID: 8CF41A28C37CC5CB12A99F81@ganymede.hub.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-www

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --On Friday, November 17, 2006 10:34:19 +0100 Magnus Hagander
<mha(at)sollentuna(dot)net> wrote:

> That's a bit harsh, really. There are a lot of environments where
> publishing SPF records are *not* harmful, and are *not* restricting the
> user. For example, any organisation that doesn't use SMTP for mail
> submission. I have 18,000 users that only everb submit email using RPC
> or http. We also permit SMTP with authentication over TLS on 587 for
> those few (I think there are 4 or 5 people out of the 18,000) that use
> IMAP/s. Publishing SPF records for this organisation was a big win, and
> it has noticably cut down the spam complaints we've received when
> spammers have forged from addresses from our domains.

The above was what I was thinking also ... where there is easy and absolute
control over the domain in question (ie. all *legit* @hub.org email will go
through one of two servers ... I have my postfix setup on my desktop setup so
that it relays *thru* the primary one, and its a very restricted list of email
users involed), then adding an SPF doesn't hurt ...

> That said, I'm not asying that it's right for postgresql.org, given that
> it has the type of usage pattern that it does with a lot of
> "organizationally unrelated" users that all use SMTP for submission. Use
> the right tool for the job, as always...

As I answered Dave, I'm quickly starting to think that postgresql.org might be
fairly difficult ... but, even then, spf allows for 'exceptions' (ie.
authsmtp.com, developer.pgadmin.org, etc) ... so for the very few actual
mailboxes involved, it shouldn't be too difficult to do either ...

- ----
Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
Email . scrappy(at)hub(dot)org MSN . scrappy(at)hub(dot)org
Yahoo . yscrappy Skype: hub.org ICQ . 7615664
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)

iD8DBQFFXbY54QvfyHIvDvMRAl2xAJsHRyWFxA1vNa11na6FIh6AFXIKeQCeLCXd
IkwnwsXLqzbv16fcwLkIBxI=
=+yvm
-----END PGP SIGNATURE-----

In response to

Browse pgsql-www by date

  From Date Subject
Next Message Marc G. Fournier 2006-11-17 13:24:21 Re: SPF Record ...
Previous Message Marc G. Fournier 2006-11-17 13:07:49 Re: [CORE] SPF Record ...