[unisog] Any Canadian Universities on here ?

Sylvain Robitaille syl at alcor.concordia.ca
Wed May 4 17:42:02 GMT 2005


On Wed, 4 May 2005, Andy Feldt wrote:

> There is a broader issue here.  Ultimately, it would seem that the
> best solution is for a user to authenticate themselves to, and
> send e-mail via, the mail server associated with their domain.  This
> allows the domain to utilize a scheme like SPF so that receivers of
> e-mail can choose to reject e-mails stating they are from a user at
> that domain but have not been sent by an authorized mail server.

It's a good point, and I admit I overlooked it.  We don't use (and
aren't likely to in its current incarnation, but I do imagine that the
design will settle into one which better addresses the current problems)
SPF here, as we offer various "mail forwdarding" services and aren't
satisfied that the current SPF design properly addresses such a service.

> We are moving toward that goal and have run into ISPs which block
> port 25.

On the other hand, since we're not using SPF, ISPs blocking port 25
hasn't been a problem for us.  Spammers spoofing our addresses obviously
can be, but it's generally known now, even by the folks furthest away
from email administration, that From: headers and envelope sender
addresses in spam messages are forged.  We very rarely get complaints
about spam with an @concordia address in the headers that wasn't sent
from our systems (and blocking outbound port 25 put a stop to spam sent
from any of our systems -- the mail servers are able to detect any
attempts now, and they get stopped quickly).

-- 
----------------------------------------------------------------------
Sylvain Robitaille                              syl at alcor.concordia.ca

Systems analyst / Postmaster                      Concordia University
Instructional & Information Technology        Montreal, Quebec, Canada
----------------------------------------------------------------------



More information about the unisog mailing list