2003-12-31: 13:00 UTC
SPF MX restriction
We have enabled SPF
checks that enforce the policy of domain owners that have
declared which servers are authorized to send email for their
domains. SPF checking is enabled globally. Early next week we
will add an Account Manager configuration option to disable SPF
checking if you wish to accept email with a forged envelope
address.
Like other MX restrictions, an Allow list entry can be used to bypass SPF checks for a sender address, sender domain, IP address, or an IP address range in CIDR notation.
Like other MX restrictions, an Allow list entry can be used to bypass SPF checks for a sender address, sender domain, IP address, or an IP address range in CIDR notation.
2003-12-22: 00:10 UTC SPF - Sender Permitted From
During the first part of January we will be adding support for
checking incoming email with SPF,
a mechanism that if widely adopted will reduce the ability for
spammers to forge envelope sender addresses. If case you haven't
noticed, most all spam is sent with a sender address that is
in no way connected to the spammer or the product being hyped.
Spammers forge domain names in spam runs because using their
own domain names would be suicide, the domain is blocked in
minutes.
SPF is a mechanism that allows domain owners to publish DNS records that declare which servers are authorized to send email with their domain name in the envelope. Mail servers that support SPF can reject email if it was not sent from an authorized server.
We urge all of our customers that own domain names that we handle email for to publish SPF records. An SPF record is a TXT record that declares our servers as being authorized to send mail for the domain.
IN TXT "v=spf1 include:customer-spf.mxes.net -all"
SPF is still in flux but the record above will not change and it will work for 99% of the customers we handle email for. If a domain owner publishes the record above they have to send email through the our servers and not 'forge' the envelope with their domain name and send email through their ISPs mail servers. Its impossible for a mail server that receives email with your domain in the envelope to determine if this is a 'good forgery' by you or a 'bad forgery' by a spammer.
Customers that send email from multiple servers can use this wizard to help you create an SPF record appropriate for your situation.
SPF is not a cure-all for spam but it will help. It will help protect your domain from being forged in a spam run.
SPF is a mechanism that allows domain owners to publish DNS records that declare which servers are authorized to send email with their domain name in the envelope. Mail servers that support SPF can reject email if it was not sent from an authorized server.
We urge all of our customers that own domain names that we handle email for to publish SPF records. An SPF record is a TXT record that declares our servers as being authorized to send mail for the domain.
IN TXT "v=spf1 include:customer-spf.mxes.net -all"
SPF is still in flux but the record above will not change and it will work for 99% of the customers we handle email for. If a domain owner publishes the record above they have to send email through the our servers and not 'forge' the envelope with their domain name and send email through their ISPs mail servers. Its impossible for a mail server that receives email with your domain in the envelope to determine if this is a 'good forgery' by you or a 'bad forgery' by a spammer.
Customers that send email from multiple servers can use this wizard to help you create an SPF record appropriate for your situation.
SPF is not a cure-all for spam but it will help. It will help protect your domain from being forged in a spam run.
2003-12-14: 21:10 UTC Squirrelmail web client added
The Squirrelmail webmail client added as a webmail client choice.
