[Dovecot] spf record
Matt
lm7812 at gmail.com
Wed Nov 28 19:36:00 EET 2007
> > One thing that bugs me is why we must now implement domainkeys on top
> > of SPF. SPF pretty much does everything domainkeys does but simpler.
>
> Because SPF is a broken hack that doesn't properly accomodate the
> forwarding of email without the use of other complicating hacks
> such as SRS which mangle the sender address.
>
> SPF should have been scrapped years ago. Instead, most large
> organizations use "?all" in their SPF entry (typically because of the
> forwarding problem), putting SPF in advisory mode which negates the
> whole purpose of having it anyway.
>
> DomainKeys at least provides a solution for the original problem; the
> ability to determine whether an email came from a mail server that
> was authorized to send from that domain, -and- the ability to embed
> that signature into the message itself rather than relying on only the
> source IP address to give that information.
>
> Everyone has different opinions on the usefulness of SPF, but the
> reality of it is, DomainKeys solves the entire problem. SPF doesn't.
Where does DKIM fit in all this? Could Exim compile it in without the
license restrictions of domainkeys? I use Directadmin which is based
on exim and dovecot.
http://wiki.exim.org/DomainKeys
http://wiki.exim.org/DKIM
Matt
More information about the dovecot
mailing list