A quick peek in my spam folder tells me SPF doesn't work

In reply to a post by BatBoy:

A quick peek in my spam folder tells me SPF doesn't work

Unfortunately neither your or I have a control - a copy internet without SPF or DMARC.

DMARC is probably more effective, but a pain to configure, unless you use one of the big mail hosts that does all the work (e.g. Google GSuite, Microsoft Exchange 365, or similar).

Edited by jchamier (Sat 05-Aug-17 17:47:14)

Thinking before the time that SPF existed, there was Spam and forwarding worked.
Now that SPF exists, there is Spam but forwarding doesn't work.
It's quite obvious that SPF hasn't stopped Spam but has stopped forwarding.

I think you're being deliberately obtuse

Forwarding can work, if the forwarding is SPF aware - they've only had 10 years to get that right. Some might say the forwarding company are being lazy not updating the systems. Do they understand STARTTLS either?

SPF has had an impact in reducing total spam, but maybe not in your spam folder. Try asking the Gmail admins

In reply to a post by jchamier:

I think you're being deliberately obtuse

I kept my reasoning simple so it was obvious. Unfortunately you chose to resort to insults

In reply to a post by BatBoy:

I kept my reasoning simple so it was obvious. Unfortunately you chose to resort to insults

I wasn't meaning to be insulting. Your reasoning seemed limited to your personal experience, rather than the scale of a large ISP. At the individual level many technical facilities don't seem to "work" but definition of that word is complex

In reply to a post by jchamier:

Anyone whom runs their own domain can configure SPF as they like, and/or choose to implement DMARC.

We do exactly that, our mail server supports several domains in which has its own MX and SPF Records which woks great and haven't had any issue since we have put the SPF in place.

In reply to a post by jchamier:

They seem to work in improving the mails delivered successfully stats . Anyone whom sends emails to the big USA ISPs will find they need both or the mail is blackholed

SPF will be fine for those big USA ISP's, DMARC is just a feature that combines both DKIM and SPF, so all DMARC does is check what the sending server is using and will use that.

So as long as you have SPF and/or DKIM installed you should be fine.

And we already know that SPF is there so that the receiving end know that the server that sent the email is allowed to send emails for that domain, DKIM is just there to stop tampering of the actual email, so you can tell it to protect the FROM, TO, DATE, SUBJECT, MESSAGE-ID etc, granted this also needs to have a RSA Public Key stored in each of the domains DNS records for this to work.

So by using both SPF and DKIM you are protecting your emails from tampering and also making sure they came from the correct legit mail server.

Now do I think everyone should install DMARC, if your doing a fresh install of your server that consists of a mail server with one or more domains with their own MX Record, then yes, if not then just install SPF and / or DKIM.

Paul

In reply to a post by jchamier:

In reply to a post by BatBoy:

A quick peek in my spam folder tells me SPF doesn't work

Unfortunately neither your or I have a control - a copy internet without SPF or DMARC.

DMARC is probably more effective, but a pain to configure, unless you use one of the big mail hosts that does all the work (e.g. Google GSuite, Microsoft Exchange 365, or similar).

I agree 100% there.

Paul

I have used forwarding to my Zen address since I joined them.

Unless I have not understood this correctly, I think I now know why some important emails have gone missing.

I really do not have the time at the moment to sort this out.

So ZEN, if you have changed this without telling us then PLEASE PUT IT BACK HOW IT WAS. and if you haven't changed anything then please let us all know here so that we can stop wasting time trying to sort it out.

PS I do not regard your silly news letter of informing us about anything. That goes staight in the bin.

In reply to a post by Sandgrounder:

I have used forwarding to my Zen address since I joined them.

Then its your provider where you set up the forwarding that is in the wrong. Review the above posts for more, and consider using your forwarding provider to supply POP or IMAP services, not forward to Zen.