[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Email Spoofing



Quoting Markus Gaugusch <markus@xxxxxxxxxxx>:
>
> I would suggest to use SPF (http://spf.pobox.com). This way you can
> restrict the IP's that are allowed to send mails that end with your
> domain.
>

Unfortunately, SPF breaks forwarding.  For instance, if I host my web site at a
hosting provider and have the e-mails sent to it forwarded to my cable modem
account, SPF will block them.

There is no way around this without the hosting provider changing their e-mail
setup.

I previously announced my mail server with SPF until my customers started
complaining that they couldn't send mail to such people.  As an ISP, there was
nothing I could do about it, short of removing the SPF entries from my DNS.

SPF is not a viable solution.

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here