[CentOS] Re: DKIM

Wed Sep 24 20:03:06 UTC 2008
Bob Hoffman <bob at bobhoffman.com>


> Besides, in the OP case, SPF will change nothing for mail 
> getting out of his server, since his sender domain matches 
> his client domain (this is what gmail calls "guessed SPF"), 
> and in addition, his client is the MX of his domain, so he is 
> not going to forge his own domain on his own server.

Read a few dozen sites since the last post. The reason behind spf is as
follows...i guess.

SPF says 'this domain and this ip sendmails' and you should say 'reject any
mails you (yahoo, gmail, etc) receive that are not from 'this domain or this

The ip can be one or many. The domains can be one or many.

What they are looking for is 'are you helping them weed out their own spam?'
If someone forges your address, yahoo will then go to your site and find out
that only 'this ip and this mail server' can send mail. If the mail they got
is not agreeing with that, they crush it.

This tells yahoo you are somewhat trying to help and then they whitelist it,
so to speak. Not doing this will tell yahoo you want 'any mail from anywhere
with my email address or domains' to be accepted.

Since they do not like that, immediate greylist.

So, it is about helping them deal with forgeries and not much else. Many
servers ignore or do not use it. From what I read, you should have it.