| 1 |
Hi! |
| 2 |
|
| 3 |
On Thu, 26 Oct 2006, Alin Nastac wrote: |
| 4 |
> Facts: |
| 5 |
> a) current SPF TXT record of our domain is "v=spf1 mx ptr ?all" |
| 6 |
> b) I use my own MTA to send my @g.o messages. |
| 7 |
> c) Probably I am not the only one who does that |
| 8 |
|
| 9 |
d) I've just spent nearly an hour to debug an error that resulted |
| 10 |
from an overly-zealous MX admin thinking it'd be nice to also |
| 11 |
check the Header-From: against SPF, breaking several mailinglists |
| 12 |
in the process. |
| 13 |
|
| 14 |
> Conclusion: |
| 15 |
> The proper TXT record for our domain would be "v=spf1 +all", which |
| 16 |
> translates (according to http://new.openspf.org/SPF_Record_Syntax ) as |
| 17 |
> "the domain owner thinks that SPF is useless". And it really is useless, |
| 18 |
> at the very least for our widespread organization. |
| 19 |
|
| 20 |
For me the proper conclusion is: don't ever implement SPF for |
| 21 |
your own domains. It wreaks all sorts of nasty havoc, including, |
| 22 |
but not limited to, broken mailing lists and forwards. |
| 23 |
|
| 24 |
Regards, |
| 25 |
a slightly pissed off |
| 26 |
Tobias |
| 27 |
-- |
| 28 |
Never touch a burning system. |
| 29 |
-- |
| 30 |
gentoo-dev@g.o mailing list |
Archives