Tagspf

January 22, 2015

Office365 checking DMARC on the inbound

By laura
5 Min read
3 comments
22January

According to a recent blog post, Office365 is starting to evaluate incoming messages for DMARC. I talked a little bit about DMARC in April when Yahoo started publishing a p=reject message. DMARC stands for Domain-based Message Authentication, Reporting and Conformance. What DMARC does is allow domain owners to publish policy statements in DNS telling receiver domains what to do with messages that...

October 28, 2014

Spam, Phish or Malware?

By laura
2 Min read
1 comment
28October

Some mornings I check mail from my phone. This showed up this morning. My first thought was “oh, no, Pizza Hut is spamming, wonder who sold them my address.” Then I remembered that iOS is horrible and won’t show you anything other than the Friendly From and maybe it was some weird phishing scheme. When I got to my real mail client I checked headers, and sure enough, it...

June 12, 2014

Authenticating with SPF: -all or ~all

By laura
3 Min read
46 comments
12June

What is SPF? Sender policy framework (SPF, RFC 7208) is an authentication process that ties the 5321.from (also known as the mail from, envelope from or return path) to authorized sending IP addresses. This authorization is published in a TXT record in DNS. Receivers can check SPF at the beginning of a SMTP transaction, compare the 5321.from domain to the connecting IP address and determine if...

August 2, 2013

Too much email on the brain

By laura
1 Min read
2 comments
02August

Last night I was cruising through our local news website. I see the headline New SPF guidelines coming our way. My first thought was, “Wow, SPF made the paper?” Now, I live in the SF Bay area so there are a lot of technology related stories that hit our paper which might not see the light of day in other areas. But, still: new SPF guidelines hit the local paper before I’ve heard...

July 26, 2013

SPF Fail: too many DNS lookups

By laura
2 Min read
24 comments
26July

I’ve had a couple folks come to me recently for help troubleshooting SPF failures. The error messages said the SPF record was invalid, but by all checks it was valid. Eventually, we tracked the issue down to how many include files were in the SPF record. The SPF specification specifically limits the number of lookups that can happen during a SPF check. SPF implementations MUST limit the...

December 12, 2012

Troubleshooting tools

By laura
2 Min read
Add comment
12December

There have been a number of comments on my post about Hotmail moving to SPF authentication having to do with troubleshooting authentication failures. I have been helping clients troubleshoot these issues, and am able to take on new clients to solve authentication problems. Contact me for more information. Of course, many of these issues can be solved with access to the right tools. Steve’s...

December 6, 2012

Hotmail moves to SPF authentication

By laura
2 Min read
15 comments
06December

Hotmail has recently stopped using Sender ID for email authentication and switched to authenticating with SPF. The protocol differences between SenderID and SPF were subtle and most senders who were getting a pass at Hotmail were already publishing SPF records. From an email in my inbox from September: Authentication-Results: hotmail.com; sender-id=pass (sender IP is 65.55.240.72) header...

October 22, 2012

Setting up DNS for sending email

By steve
5 Min read
Add comment
22October

Email – and email filtering – makes a lot of use of DNS, and it’s fairly easy to miss something. Here are a few checklists to help: Data you need before you start: [table] Information,for example Return path / bounce address,bounces.myesp.com Mailserver hostname,mail4.myesp.com Mailserver external address,192.0.2.4 DKIM “d=”,greatbigmarketer.com DKIM selector,oct2012...

January 30, 2012

DMARC: an authentication framework

By laura
1 Min read
1 comment
30January

A new email industry group was announced this morning. DMARC is a group of industry participants, including large senders, large receivers and relevant intermediaries working on a framework to reduce the harm from phishing. DMARC is working on a standard to allow senders to publish sending policies and receivers to act on those policies. Currently, senders who want receivers to not deliver...

September 26, 2011

DKIM is Done

By steve
5 Min read
Add comment
26September

This was posted to the IETF DKIM Working Group mailing list this morning: The dkim working group has completed its primary charter items, and is officially closing. The mailing list will be retained for future discussions involving dkim. The list archive will also be retained. The dkim working group was primarily focused on DomainKeys Identified Mail (DKIM) Signatures and DomainKeys Identified...

Recent Posts

Archives

Follow Us