Re: [CORE] SPF Record ...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --On Friday, November 17, 2006 13:50:04 +0000 Dave Page <dpage(at)postgresql(dot)org>
wrote:

> Marc G. Fournier wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>>
>>
>> - --On Friday, November 17, 2006 08:21:07 +0000 Dave Page
>> <dpage(at)postgresql(dot)org> wrote:
>>
>>> Please don't add SPF for postgresql.org - unless you're willing to add a
>>> record for developer.pgadmin.org as well.
>>
>> 'k, I wasn't planning on doing -all (strict fail), only ~all (softfail) ...
>> so this shouldn't affect either authsmtp.com use, or yours, at least if I'm
>> reading things right ...
>
> What's the point if it doesn't prevent mail from any servers other than the
> authorised ones?

To be honest ... that is actually one question that I was starting to wonder
... what we'd end up wanting to do would be something like:

v=spf1 a mx include:authsmtp.com include:developer.pgadmin.org -all

Once we were sure we had addressed all the various include:'s ... the ?all
would be an intermidiary step ...

What actually started all of this, as an fyi, is that apparently places like
hotmail are using SPFs (and lack of them) for filtering purposes ... so what
we'd be publishing, for instance, with the above, for some place like hotmail,
would be akin to:

trust everything coming from 200.46.204.71 + postgresql.org's MX records +

authsmtp.com + developer.pgadmin.org, but feel free to question everything
else

I believe that stuff like Spamassassin also makes use of it for similar
purposes ... if SPF shows that the sending server is questionable (?all), then
score it higher then if its considered a "Trusted source", as determined by the
domain owners ...

Its basically us advertising what hosts we acknowledge as being legit senders
of @postgresql.org email ... anything else is questionable and should be dealt
with accordingly ... if we go to -all, then we're saying that 'anythign else is
pure garbage' ...

Again, this is based on what I've read so far ...

- ----
Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
Email . scrappy(at)hub(dot)org MSN . scrappy(at)hub(dot)org
Yahoo . yscrappy Skype: hub.org ICQ . 7615664
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)

iD8DBQFFXcGq4QvfyHIvDvMRAusUAJ4jWOjcpwdYONZ3+1ltK9seTeMx1QCg4PyN
o/MZW/PieFmqLOgPXORaT/Q=
=eYQN
-----END PGP SIGNATURE-----