spf-discuss
[Top] [All Lists]

Re: Re: [SPF Classic] Policy best practices should be kept out

2004-10-07 09:23:13


Tony Finch wrote:
On Thu, 7 Oct 2004, Daniel Taylor wrote:


And how am I supposed to find out all my users' forwarding addresses?


One of two ways spring to mind immediately:
1. Ask them.


Actually I need to know the IP addresses of the outgoing email servers for
the forwarding sites. The users don't have this information and they don't
know who has, and we certainly don't have time to keep it up to date even
if we could obtain it.

_You_ have this information to a great extent already.
It is right there in your mail server logs. You just need
to know which domains to sort out.

It is quite a bit of work, but perhaps some enterprising
individual with the same problem and mad perl skills could
come up with a helper script to make life easier.

2. Turn it on and monitor bounces/field complaints.


Utterly irresponsible.

Of course. I assume you are running an ISP or similar environment.
But it is a simple fact that using forwarded e-mail increases your
user's exposure to mal-mail of all types, and as their service provider
you are stuck in the awkward position of helping your users deal
with that exposure.

Your users with forwarded e-mail are probably already having
problems with spam and malware, so don't assume that they
won't be willing to put themselves out a bit if you ask them
politely for help.


--
Daniel Taylor          VP Operations            Vocal Laboratories, Inc.
dtaylor(_at_)vocalabs(_dot_)com   http://www.vocalabs.com/        
(952)941-6580x203


<Prev in Thread] Current Thread [Next in Thread>