BLOG

Tag: spf

Too much email on the brain

Last night I was cruising through our local news website. I see the headline New SPF guidelines coming our way. My first thought was, “Wow, SPF made the paper?” Now, I live in the SF Bay area so there are a lot of technology related stories that hit our paper which might not see the […]

2 Comments

SPF Fail: too many DNS lookups

I’ve had a couple folks come to me recently for help troubleshooting SPF failures. The error messages said the SPF record was invalid, but by all checks it was valid. Eventually, we tracked the issue down to how many include files were in the SPF record. The SPF specification specifically limits the number of lookups […]

7 Comments

Troubleshooting tools

There have been a number of comments on my post about Hotmail moving to SPF authentication having to do with troubleshooting authentication failures. I have been helping clients troubleshoot these issues, and am able to take on new clients to solve authentication problems. Contact me for more information. Of course, many of these issues can […]

No Comments

Hotmail moves to SPF authentication

Hotmail has recently stopped using Sender ID for email authentication and switched to authenticating with SPF. The protocol differences between SenderID and SPF were subtle and most senders who were getting a pass at Hotmail were already publishing SPF records. From an email in my inbox from September: Authentication-Results: hotmail.com; sender-id=pass (sender IP is 65.55.240.72) […]

14 Comments

Setting up DNS for sending email

Email – and email filtering – makes a lot of use of DNS, and it’s fairly easy to miss something. Here are a few checklists to help: Data you need before you start: [table] Information,for example Return path / bounce address,bounces.myesp.com Mailserver hostname,mail4.myesp.com Mailserver external address,192.0.2.4 DKIM “d=”,greatbigmarketer.com DKIM selector,oct2012.myesp From / Reply-To domain,greatbigbrand.com [/table] […]

No Comments

DMARC: an authentication framework

A new email industry group was announced this morning. DMARC is a group of industry participants, including large senders, large receivers and relevant intermediaries working on a framework to reduce the harm from phishing. DMARC is working on a standard to allow senders to publish sending policies and receivers to act on those policies. Currently, […]

1 Comment

DKIM is Done

This was posted to the IETF DKIM Working Group mailing list this morning: The dkim working group has completed its primary charter items, and is officially closing. The mailing list will be retained for future discussions involving dkim. The list archive will also be retained. The dkim working group was primarily focused on DomainKeys Identified […]

No Comments

Gmail and the via

I was hoping to have a detailed post up today about the conditions where gmail presents the user with a “via” but time seems to have gotten away from me. But I can give you the conclusions. A via is presented to the user when you have a DKIM pass and the domain in the […]

9 Comments

The cult of SPF lives

Years ago, prior to the public discussions of Domain Keys, there was SPF as the solution to all our email authentication problems. SPF was going to let people do all sorts of things with email. The proponents even privately asserted that it would solve the spam problem. In essence, SPF was a cult. BoF sessions […]

10 Comments

SPF records: not really all that important

I’ve been working through some Hotmail issues with a client over the last few months. One of the things that has become clear to me is how little Hotmail actually does with SPF records. In fact, Hotmail completely ignored my client’s SPF record and continued to deliver email into the inbox. This isn’t just a […]

6 Comments
  • ReturnPath on DMARC+Yahoo

    Over at ReturnPath Christine has an excellent non-technical summary of the DMARC+Yahoo situation, along with some solid recommendations for what actions you might take to avoid the operational problems it can cause.No Comments


  • AOL problems

    Lots of people are reporting ongoing (RTR:GE) messages from AOL today.  This indicates the AOL mail servers are having problems and can't accept mail. This has nothing to do with spam, filtering or malicious email. This is simply their servers aren't functioning as well as they should be and so AOL can't accept all the mail thrown at them. These types of blocks resolve themselves. 1 Comment


  • Fixing discussion lists to work with new Yahoo policy

    Al has some really good advice on how to fix discussion lists to work with the new Yahoo policy. One thing I would add is the suggestion to actually check dmarc records before assuming policy. This will not only mean you're not having to rewrite things that don't need to be rewritten, but it will also mean you won't be caught flat footed if (when?) other free mail providers start publishing p=reject.No Comments


Archives