Re: I hate to interrupt all this for something practical, but.... we need a concise, easy-to-follow set of SPF instructions in file format - anyone able to help?2004-10-28 15:10:43On Oct 27, 2004, at 23:13, Seth Goodman wrote: From: guy OK. You didn't volunteer but you did raise a good practice we need to document. Basically, I was able to write the HOWTO because I was describing my own situation. (I don't have a blocked ports problem.) At minimum we could suggest include:ISP.net. To document the process of discovering your ISP's outbound MTAs will be a lot of work. For example, just trying to use SenderBase to determine the outbound MTAs for, say, Earthlink produces 198 entries. I doubt that we are going to be able to document how a SOHO user figures this out. Therefore, I think we need a different path than a HOWTO. Perhaps, work with the SenderBase folks to provide a record, say- include:earthlink.net.senderbase.org. Or if there are trademark issues- include:serialnumber.senderbase.org and have senderbase generate a serial number for each user that is unique to the user and their ISP on a web page. That way ISPs deal with the knowledgeable folks at IronPort. Or IronPort harvests this from the ISPs SPF record. Just like AOL wishes to use SPF to automatically manage its white list, IronPort could do the same. I bet it is trivial to set up using DJB's rbldns. The "a:SMTP.ISP.net" tells the world to trust SMTP.ISP.net (since the As to Guy's comment, yes, he is right. Yet in the spirit of rebuffing the perfect as the enemy of the good, I would still suggest that it is better to put some bounds on who can forge your domain name versus no mechanism at all. At least with my proposal, you have a business relationship with the ISP. That should allow you to discuss and stop any abuse of your domain that originates from their server. This is much, much better than nothing. Andrew ____________________________________ Andrew W. Donoho awd(_at_)DDG(_dot_)com, PGP Key ID: 0x81D0F250 +1 (512) 453-6652 (o), +1 (512) 750-7596 (m)
|
|