What guidelines besides SPF should I use in my MTA?

Sender Policy Framework

Answer to the question from the area: adoption and introduction


What guidelines should I use in addition to SPF in my MTA?

The SPF RFC states that the SPF controls are only really useful in certain situations, because the MTAs alone can block a lot of spam before the SPF test even takes place. To do this, you have a list of controls here that you can use to block a lot of spam, and all you have to do is test messages for SPF that still arrive.

  1. The domain of the transshipper must contain either an A record or an MX record
  2. The A or MX entry of this sender domain must not contain [0.0.0.0/8] [10.0.0.0/8] [127.0.0.0/8] [172.16.0.0/12] [192.168.0.0/16].
  3. The IP address of the connection client must have a PTR entry
  4. The HELO hostname must be a well-formed FQDN with an A record and must not be your own hostname.

Note that the rules 3 & 4 are often violated by legitimate but unsuspecting domains that do not take this kind of detail into account. You can also configure these settings in Postfix at http://www.postfix.org/uce.html


Back to overview: SPF - Questions and answers
© 2012 - 2020 nicmanager.com