nanog mailing list archives

Re: Email Server and DNS

From: "John Levine" <johnl () iecc com>
Date: 4 Nov 2013 04:11:09 -0000

MX, PTR, and SPF are really all you need.


So far so good, noting that a host name that doesn't look generic is
better than one that does.

I would recommend you go a
step further and use DKIM, ADSP, and DMARC.


Using DKIM is a good idea.  Do *not* use ADSP.  It is a failed
experiment which will provide no benefit and considerable pain.
(Check the author list on RFC 5617 before arguing, please.)

If you believe that your domain is heavily forged (which if you are
not Paypal, Facebook, or a large bank or ISP, it almost certainly is
not), you can set up a DMARC record to collect some statistics about
what mail other people are getting that appears to be from you.  Do
not try to use DMARC to tell people to quarantine or reject your mail
until you are really sure you understand the statistics you're
getting.

R's,
John

Current thread:

Email Server and DNS rwebb (Nov 03)
- Re: Email Server and DNS Rich Kulawiec (Nov 03)
  - Re: Email Server and DNS Jimmy Hess (Nov 03)
    - Re: Email Server and DNS Rich Kulawiec (Nov 08)
    - Re: Email Server and DNS rwebb (Nov 08)
- Re: Email Server and DNS Private Sender (Nov 03)
  - Re: Email Server and DNS TR Shaw (Nov 03)
  - Re: Email Server and DNS Jim Popovitch (Nov 03)
  - Re: Email Server and DNS John Levine (Nov 03)
    - Re: Email Server and DNS Dave Crocker (Nov 04)
    - Re: Email Server and DNS Franck Martin (Nov 04)
    - Re: Email Server and DNS David Conrad (Nov 04)
  - Re: Email Server and DNS bmanning (Nov 03)
  - Re: Email Server and DNS Stefan Foerster (Nov 03)
- Re: Email Server and DNS William Herrin (Nov 08)
  - Re: Email Server and DNS bmanning (Nov 08)