Sender Policy Framework

Have you set up SPF records for your domain names yet? Even if SPF isn’t able to defeat spam completely, it is in my opinion a pretty good way of at least helping to do so.

SPF is, in case you haven’t heard about it before, meant to reject emails that claim to be sent from certain domain names without the authorization of the owners of those domain names. That is, SPF is designed to stop email spoofing.

I’ve heard that the main SPF website is a bit confusing, and that’s probably right. Here is a HOWTO that might be better at explaining the syntax of SPF, and a good place for more detailed information is the Internet Draft.

Here is the SPF record for erikisaksson.com:

v=spf1 a ptr:swip.net ~all

That SPF record allows email to be sent from the host that erikisaksson.com resolves to (the a mechanism) and from any host whose reverse DNS name is under swip.net (the ptr mechanism; swip.net is the domain my ISP uses for e.g. their SMTP servers), while email sent from anywhere else should softfail (~all). For all of my other domain names, I’m using the following SPF record:

v=spf1 -all

…which means that all emails sent from those domain names should fail (because I’m never sending any emails from those domain names).
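How a receiving server would evaluate the two records above, as an added example that is not part of the original post: a minimal Python evaluator that handles only the a, ptr and all mechanisms. It runs against constructed DNS data; every IP address (documentation ranges) and every hostname other than erikisaksson.com and swip.net is made up for illustration.

```python
import ipaddress

# Constructed DNS data for the example; no real lookups are performed.
A_RECORDS = {"erikisaksson.com": ["192.0.2.10"],
             "smtp.swip.net": ["198.51.100.25"],
             "mail.example.net": ["203.0.113.7"]}
PTR_RECORDS = {"198.51.100.25": ["smtp.swip.net"],
               "203.0.113.7": ["mail.example.net"],
               # Reverse DNS is set by whoever controls the IP block, so this
               # host claims a swip.net name that has no matching A record.
               "203.0.113.9": ["relay.swip.net"]}
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def parse_term(term):
    """Split a term such as '~all' or 'ptr:swip.net' into its parts."""
    qualifier = "+"                      # default qualifier is pass
    if term[0] in RESULTS:
        qualifier, term = term[0], term[1:]
    name, _, arg = term.partition(":")
    return qualifier, name.lower(), arg.lower() or None

def ptr_matches(ip, target):
    """ptr: the reverse name must resolve back to the IP and sit under target."""
    for name in PTR_RECORDS.get(ip, []):
        confirmed = ip in A_RECORDS.get(name, [])
        if confirmed and (name == target or name.endswith("." + target)):
            return True
    return False

def check_spf(record, sender_ip, domain):
    """Evaluate mechanisms left to right; the first match decides the result."""
    ip = str(ipaddress.ip_address(sender_ip))   # raises on malformed input
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    for term in terms[1:]:
        qualifier, mech, arg = parse_term(term)
        target = arg or domain.lower()
        if mech == "all":
            matched = True
        elif mech == "a":
            matched = ip in A_RECORDS.get(target, [])
        elif mech == "ptr":
            matched = ptr_matches(ip, target)
        else:
            raise ValueError(f"{mech!r} is not handled in this example")
        if matched:
            return RESULTS[qualifier]
    return "neutral"                     # nothing matched and no 'all' term
```

The forward-confirmation step in ptr_matches is what keeps a sender from passing simply by publishing a swip.net reverse name for its own address. RFC 7208 discourages publishing ptr at all because of its lookup cost and reliability.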
