[Ilugc] [Need Tutorial] Learning about email SPF records
- From: benignbala@xxxxxxxxx (Balachandran Sivakumar)
- Date: Thu, 07 Jun 2012 00:04:16 +0530
On Wednesday 06 June 2012 11:52 PM, Balasubramaniam Natarajan wrote:
I am taking icicib at nk.com and p at yp@xxxxx as just examples do not come
after me for that :-(
:D No problem. Nice examples as it contains an "include" record as well.
So in this case of icicib at nk.com they are very explicitly telling that
do not accept any email other than the IP specified below and for
p at yp@xxxxx how can we determine the authenticity of the mail received
?
Unfortunately you cannot do it based on just this. The best solution
is to write to Paypal asking them to create a proper hard fail
record(-all) instead of(~all).
I am not very sure, but there must be means to add a custom header,
something like X-SPF-Check, and ask the people in your domain to have a
filter based on that header field. If the header is set, the mails
should be handled with caution as it can be a spoof mail. But in my
opinion, it is in everyone's interest that Paypal defines a proper fail
record. Thanks
PS: On a GNU/Linux machine, if you install dnsutils package, you get the
'dig' tool. It is very easy to use, instead of using an external
website. dig -t txt icicib at nk.d0m would return all its text entries, and
hence its SPF records.
--
Thank you,
Balachandran Sivakumar
blog:
http://beningbala.wordpress.com
Arise, Awake and Stop Not Till the Goal is Reached
- Swami Vivekananda
Other related posts: