Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsSpark New Zealand (including Skinny and BigPipe)Spark should... add SPF records to xtra.co.nz
jnimmo

1098 posts

Uber Geek
+1 received by user: 255


#157288 26-Nov-2014 16:22
Send private message

Please publish SPF records for Xtra, getting so tired of all the spam from the harvested address books of the hacked Yahoo accounts :)

Obviously would need to just be doing a positive assertion if it came from legitimate servers rather than triggering hard fails for quite some time, but at least I could then add a tag in our email system to say 'this is probably a genuine email'.

Create new topic
ajobbins
5053 posts

Uber Geek
+1 received by user: 1279

Trusted

  #1183482 26-Nov-2014 17:04
Send private message

Too many people who send via other SMTP servers (Ie. while on mobile data on another carrier) perhaps?

Better to have no SPF than to have lots of SPF failures




Twitter: ajobbins



jnimmo

1098 posts

Uber Geek
+1 received by user: 255


  #1183501 26-Nov-2014 17:17
Send private message

That's why I said positively assert the correct servers
i.e. +include_spf.xtra.co.nz and leave a neutral ?all. May be able to introduce softfail eventually.

SPF PASS is useful for authenticating the domain for use as a parameter to a spam classification engine. That is, the domain in the sender address can be considered to be authentic if the originating IP yields an SPF PASS. The domain can then be referenced against a reputation database.

There is no excuse to use other SMTP servers; should be using the correct servers with TLS and SMTP authentication.

Outgoing mail server: send.xtra.co.nz
Uses SSL
Port: 465
Outgoing server requires authentication

Works from any carrier or device.

Everyone is happier when they aren't getting mail back from all of their contacts 'stop spamming me' etc.
And people who were using other servers would quickly learn to switch to the correct ones.

SirHumphreyAppleby
2938 posts

Uber Geek
+1 received by user: 1860


  #1183514 26-Nov-2014 17:41
Send private message

jnimmo: There is no excuse to use other SMTP servers; should be using the correct servers with TLS and SMTP authentication.


Rubbish. There is no excuse to force people to use the servers of their ISP.

So long as the server complies with the requirements of RFC822, or optionally, any later SMTP specification, users should be free to send mail using any system they choose.



ajobbins
5053 posts

Uber Geek
+1 received by user: 1279

Trusted

  #1183515 26-Nov-2014 17:43
Send private message

jnimmo:

Works from any carrier or device.



Except where the carrier blocks that port or sending mail via anything other than their SMTP gateway. Not sure how common that is these days, but it used to be very typical.




Twitter: ajobbins

ajobbins
5053 posts

Uber Geek
+1 received by user: 1279

Trusted

  #1183519 26-Nov-2014 17:49
Send private message

SirHumphreyAppleby: 

Rubbish. There is no excuse to force people to use the servers of their ISP.

So long as the server complies with the requirements of RFC822, or optionally, any later SMTP specification, users should be free to send mail using any system they choose.


I kinda disagree with this. Ideally you should, where possible, send mail from a server that is able to be authenticated as a trusted source of mail for that domain. SPF is an excellent way of doing this, and DKIM signing is useful too.

However, with ISP email this often isn't that practical. I do see what the OP is saying. Add an SPF so that those who do send via the ISP's trusted mail servers get the benefits of an SPF record pass, but those who don't are no worse off.




Twitter: ajobbins

jnimmo

1098 posts

Uber Geek
+1 received by user: 255


  #1183521 26-Nov-2014 17:51
Send private message

Sorry, I should have said use the Yahoo SMTP servers then. I'm not suggesting forcing people to use the ISP SMTP, they should be forced to use the SMTP gateway of their email provider though.

Port blocking was primarily for security reasons I think, when connecting to the secure ports like 465 etc I haven't had issues recently.

 
 
 
 

Shop now for Lenovo laptops and other devices (affiliate link).
ajobbins
5053 posts

Uber Geek
+1 received by user: 1279

Trusted

  #1183524 26-Nov-2014 17:58
Send private message

Port 25 used to be particularly bad (due to security), but I think I recall running into issues with sending via the secure ports on Xtra in the days where they were less commonly used.

If you used an off-ISP address via an Xtra connection you used to have to add your outgoing address in the Yahoo mail portal, and then receive and validate that address before their SMTP server would allow you to send via it.

I vaguely recall having to do this in my early Google Apps days (years ago now), and Google Apps has never allowed sending/connecting via port 25 anyway.




Twitter: ajobbins

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright