On Thu, Sep 23, 2004 at 06:01:44PM -0600, phil(_at_)icserv(_dot_)net wrote:
Currently we have hundreds of domains from hundreds of ISPs sending
email from and to and through our servers. How do we make a global
change to SPF without shutting everybody off in a massive email outage.
I'm not sure I understand this? Why would a global change result in
massive email outage?? If you're not sure of your setup, you could use
~all instead of -all for testing first, and work something out with
exists: mechanisms to generate log entries in your dns. Read the
archives for more info.
Also, from what I understand SPF isn't going to decrease at all the
number of spams that our mail scanners have to process. It only
validates that the from address is valid for certain domains (i.e. We
will know when an email is being spoofed from a domain that uses SPF.
However, for the larger percentage of incoming email which originates
from fake or non-SPF domain names: what process is used to flag those
first?)
What does everybody else use besides SPF to decrease the amount of spam?
You could do a couple of things that have proven to be very effective:
- block anything that uses a HELO of your own domain or even ip number
- apply DNSBL's like sbl-xbl.spamhaus.org
- browse around the archives of this list for more things that have proven to
be effective for members of the list
Koen
--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/