At 09:17 PM 12/6/2006 -0600, you wrote:
David MacQuigg wrote on Wednesday, December 06, 2006 8:25 PM -0600:
> Maybe we should try -all for a while, and see what problems crop up.
Since so few recipients currently reject on SPF fail, that is fairly
safe and you will know if there is a problem. I suggest that you
consider adding ?include:raytheon.com when you change to -all, so your
Raytheon customers don't get SPF fail. The next step is to turn on SMTP
AUTH over port 587 and transition your remote users to that submission
method. Once all your users are changed over, you can remove the
?include:raytheon.com and then be free of any worry they will send spam
with your domain name. The other advantage of SMTP AUTH is that other
users on the Raytheon network will not be able to send mail forging your
customers' identities that will be accepted by SPF checking recipients.
There are too many small senders to include them all in the SPF record for
box67.com. Raytheon.com is used by only one of our clients, and I'm not
sure which of our clients has a Return Address problem. I guess setting
-all in our SPF record would be one way to find out.
Another problem is that programs like Thunderbird make it difficult to have
more than one SMTP server. At least it looks that way to me, not yet
familiar with Thunderbird. Outlook Express and Eudora allow you to have a
different SMTP server for each account.
Maybe we can tell our Eudora clients (and any others with the "Eudora"
problem), set the SMTP server for your box67 account to
controlledmail.com. Then we just need one authorized forwarder instead of
dozens changing every day.
-- Dave
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=735