nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: do you use SPF TXT RRs? (RFC4408)

From: William Herrin <bill () herrin us>
Date: Mon, 4 Oct 2010 14:48:47 -0400
On Mon, Oct 4, 2010 at 12:47 PM, Greg Whynott <Greg.Whynott () oicr on ca> wrote:

A partner had a security audit done on their site.
The report said they were at risk of a DoS due to
the fact they didn't have a SPF record.

how many of you are using SPF records?  Do you
have an opinion on their use/non use of?



I use your SPF records (if you offer any) to prevent my servers from
slamming your servers with backscatter from someone forging your
address and sending me undeliverable email. Without SPF records,
you'll receive an undeliverable report for messages "from" you that I
can't deliver -- just like the RFC says I "must."

Regards,
Bill Herrin




-- 
William D. Herrin ................ herrin () dirtside com  bill () herrin us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
Previous By Date Next
Previous By Thread Next

Current thread: