Educause Security Discussion mailing list archives
Re: Question about SPF email filtering
From: John Ladwig <John.Ladwig () SO MNSCU EDU>
Date: Thu, 9 Feb 2012 19:04:11 +0000
SPF and DKIM seem to be getting a refresh/update under dmarc.orc, complete with new Internet-draft: http://www.dmarc.org/draft-dmarc-base-00-01.html There's been a bunch of press releases last couple of weeks from the DMARC organization. -jml -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Derek Diget Sent: Thursday, February 09, 2012 12:38 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Question about SPF email filtering On Feb 9, 2012 at 17:16 -0000, Dye, Jan wrote: =>I'm just curious to see how many of you have enabled SPF filtering on =>your email systems? We quarantine on SPF "fail". (There is plans to SMTP reject.) =>We recently enabled this, and the result is that we have many support =>tickets from users who no longer receive mail from rejected senders. =>These senders are legitimate, however, they have "bad" SPF records. We did this a could of years ago. There have been a few issues. Mostly with students/faculty forwarding from their previous .edu. (We tell them to go fix the address they have in Facebook, banks, etc to be their @wmich.edu address.) Another top issue would be user's wanting to use one address (like previous broadband provider) with their new broadband provider's MSA. Once they get the "profile" set up in their MUA to use MSA-X for X address and MSA-Y for Y address, they are all set. =>We're wondering how other institutions are handling this, and if SPF =>checking is really worth it. It is just one more tool to use. For us, where we seem to see it help is for the first messages in phishing runs for NACHA.org, FDIC, IRS and other money phishing. Within a few minutes our anti-spam starts blocking them, but the SPF check catches the ones that get through it. =>If I've posted this on the wrong list, please let me know. Probably would also want to post to the Higher Education Email Administration list hosted at Notre Dame. Note, that SPF is currently being updated from Experimental to a Standards Track protocol by the SPFbis IETF working group. (It was just chartered last week.) -- *********************************************************************** Derek Diget Office of Information Technology Western Michigan University - Kalamazoo Michigan USA - www.wmich.edu/ ***********************************************************************
Current thread:
- Question about SPF email filtering Dye, Jan (Feb 09)
- Re: Question about SPF email filtering Dye, Jan (Feb 09)
- Re: Question about SPF email filtering Jason Todd (Feb 09)
- Re: Question about SPF email filtering David Pirolo (Feb 09)
- Re: Question about SPF email filtering Derek Diget (Feb 09)
- Re: Question about SPF email filtering John Ladwig (Feb 09)