Educause Security Discussion mailing list archives
Re: DMARC Deployment
From: Brian Epstein <bepstein () IAS EDU>
Date: Wed, 21 Oct 2015 15:49:16 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 10/21/2015 03:09 PM, Derek Diget wrote:
When you find these "legitimate third parties" are you contacting them to inquire why they feel they need to send emails with an envelope from address (RFC5321.MailFrom) that is not from one of their own domains?
All good points. I was under the impression that SPF was using the sender's IP address for verification. Thus, I figured that I would need to add Constant Contact into my SPF record as a trusted sender for my domain. http://support2.constantcontact.com/articles/SupportFAQ/1768?q=spf&l=en_ US&fs=Search&pnx=1 I agree, DKIM is better to authenticate the source, but I'm just starting with SPF2 for now. Thanks, ep - -- Brian Epstein <bepstein () ias edu> +1 609-734-8179 Manager, Network and Security Institute for Advanced Study Key fingerprint = A6F3 9F5A 26C5 5847 79ED C34C C0E5 244A 55CA 2B78 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWJ+w8AAoJEMDlJEpVyit4AfcQAItDTFPvVOppmToF+zvhewC6 HRH/D2hWJrIzSt8K1do9QEpK+4yIHaf4a7/igisexWJc3+tPKBak6Q6S1QZ3+GTQ gcUm5hUWfZ6W4F+DgB1ZgmDMJe+Qn5hokHjyK7gLw7SxBHJdeL1cCtgSKtcI4swh NIzPVQkyAnJGrwbG1OTs1LMZc0F/TlQDq/TgTkSnRzEnpT05Vc5riC6fBBXehXC3 gf9vafqYZS08zhbZZtZVrhRGIjM3nwegF/mrQRY+6FRoF5F1Q1R+AZ0sPRSoabUa z+N1VYPJ0dnEQnq8Y7GHg9xJh/w1I/972jCdvXz9bXxvO5QeIWbxaWnNi0C3+gHd hbKN/YYzI2ZC8n7UWPs0Ei5t/ypvaz7tXpMdMbw+Ipx9ysi8kwQ3J8CYhfg0SAJa T5qRhu4rRDFyQfD0RfQJePTtD1CCez8mcjJ2JzfFheWweWu6t0OvXytAIJWHrifh PE4Dm9bhmMo1vrl7HedOsBEXM3uES08IcbHnQbam3pTi3w4rWxO4OgOgR3jOM2wo ty9omMo7xniUAZWtGyAsImD6fAZvu/yNW2Or8uUeP8+kULfA3MTnf6OgD3DIdePN WU9ccpfT5/8dnt31/gZJmjSLIVSBt4WCVFMrwSeWH9I+iu11vrAbW8Atu4/SD8Uv 79C78Wbrh5VwPVFbCrmh =sdLF -----END PGP SIGNATURE-----
Current thread:
- DMARC Deployment Alexandre Adao (Oct 20)
- Re: DMARC Deployment Martinez, Brian (Oct 21)
- Re: DMARC Deployment Brian Epstein (Oct 21)
- Re: DMARC Deployment Alexandre Adao (Oct 21)
- Re: DMARC Deployment Brian Epstein (Oct 21)
- Re: DMARC Deployment Derek Diget (Oct 21)
- Re: DMARC Deployment Brian Epstein (Oct 21)
- Re: DMARC Deployment Alexandre Adao (Oct 21)