Protecting your domains' email with SPF
Sun 16, 2007 01:09 |
Permalink |
Comments (2) |
Trackbacks (0)
Two days ago, I was playing with DNSStuff (http://dnsstuff.com), doing some checks on my domain “0x82”. One of the tests was about some SPF thing that I never heard about.
It told me someone could send an email from anywhere, and make it appear that it was send from my domain, making it legitimate (ok, I know that this doesn’t make my email secure by himself). It told me that the solution was a SPF thing.
I’ve started reading about it, and realized that, although it seems a big hack (what? using the TXT field of a domain to store data??), it could help and protect your email. For that I needed to change the TXT record of my domain (try dig TXT 0x82.com on your console).
Then, to make sure that the email I receive is tested against this specification, I had to configure my postfix SMTP server. If you search on google for “postfix spf debian” you will find nice tutorials on how to implement that. It was really simple!
Recent Posts
Archive
Tag cloud
Statistics
111 posts
License
2 Comments | rss | atom | xml | json
Careful with SPF. It’s cool, but it sometimes works too well. :-)
In the txt record you must indicate ALL the IPs that will ever send email in your domain’s name.
In your case, you always send mail from gmail (according to “dig +short 0x82.com txt”), so there should be no problem… but if you want to use a regular email client, this could be a problem. You would have to place all the MTA’s IPs in your SPF record.
— Zé Carlos
Acording to dig +short 0x82.com txt, I can always send email from the MX record of 0x82.com.
Since I use the SMTP server on 0x82.com to send my email (and sometimes GMail too), I think I have no problems! Correct me if I’m wrong!
You can use Textile 2 markup here. The XHTML tags accepted are: a, abbr, acronym, b, blockquote, code, em, i, strike and strong.