[Dshield] Are you using spf records?
Johannes B. Ullrich
jullrich at sans.org
Fri Jan 6 04:19:44 GMT 2006
>Further, SPF breaks RFC 2821/2822 compliant mail when the mail is
>forwarded from MTA to MTA
>We put in the records but we don't think it does much of anything for
>many of the reasons below
We are using SPF, and in some cases mailkeys to prevent our own mail
from bouncing. But don't use it much (at all?) for inbound check.
If you need to authenticate a user, use PGP (or maybe SMIME). I would
love to enforce PGP signed only email ;-) It would probably cut down my
email load to almost nil.
Johannes Ullrich jullrich at sans.org
Chief Research Officer (617) 639 5000
PGP Key: https://secure.dshield.org/PGPKEYS
"We use [isc.sans.org] every day to keep on top of
security at our bank" Matt, Network Administrator.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://www.dshield.org/pipermail/list/attachments/20060105/5d2413d2/signature.bin
More information about the list