[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-hackers-public] improving spf (anti-spam) measures from ou
|
From: |
Sergey Poznyakoff |
|
Subject: |
Re: [Savannah-hackers-public] improving spf (anti-spam) measures from outgoing emails from savannah |
|
Date: |
Sun, 05 Apr 2015 09:07:13 +0300 |
Hi Assaf,
> And it seems (if this is the right way to check) that the DNS TXT
> field from gnu.org does not carry over to savannah.gnu.org
In fact, it should not. SPF check verifies only the policy corresponding
to the sender identity set by the SMTP *envelope* MAIL FROM command.
In your second case that identity is 'address@hidden', and the
corresponding domain is 'savannah.gnu.org', therefore the SPF record for
'gnu.org' is not considered at all. So, yes, adding an SPF record for
savannah.gnu.org will definitely help. Another (perhaps even simpler)
way to make the check pass is to use 'gnu.org' as the sender domain
(e.g. by using MTA -f option). As a side note, RFC 7208 strongly
suggests to check HELO identity as well, therefore in this case
it's better to configure MTA so that it uses the same domain when
issuing the HELO command.
Regards,
Sergey