[Mimedefang] Deadline for SPF records
Dave Williss
dwilliss at microimages.com
Wed Aug 11 10:54:21 EDT 2004
----- Original Message -----
From: "Les Mikesell" <les at futuresource.com>
To: <mimedefang at lists.roaringpenguin.com>
Sent: Tuesday, August 10, 2004 12:06 PM
Subject: Re: [Mimedefang] Deadline for SPF records
> On Tue, 2004-08-10 at 09:12, Dave Williss wrote:
>
> > You mean like an employee on the road using a hotel's ISP or at a
> > wireless hotspot connecting back to your mail server to send mail
> > as from your company? _Make_ them use authentication.
>
> Put a price tag on that. If you are selling a product, how many
> dollars worth of orders are you willing to discard because the
> potential customer sent a request for information through a
> public access point instead of their own ISP? Discarding their
> mail is the only way you can _make_ someone else do things
> your way. Is it worth it, when what really matters is the
> individual authentication and/or the message content? I just
> don't see much value in some untrusted third party's claim
> of authentication.
>
That's a different issue. I'm talking about one of your employees
who has legitimate reason to send mail FROM your mail server
using your domain name. In this case, you need to tell those people
to send mail through your server instead of a public access point
or other mail host. Remember, these are your own people, who
you have some degree of control over. ("oh, something wrong with
your internet connection? I'll get right on that. :-)")
If it's their own laptop they're using that shouldn't be a problem
because you configure it once and carry it with you. Using a
public terminal in a library or something might be an issue,
but do you really want people from your company sending official
email from a server that may append a footer saying it was sent from
a public library? Not good for the company image.
On the other hand, your concern about rejecting possible sales
because of misconfigured SPF records: If you're concerned about
that, just don't reject mail that has invalid SPF. Maybe configure
SpamAssassin to give it a slightly higher Spam score.
More information about the MIMEDefang
mailing list