Re: [exim] Gmail's new 'suspicious sender' flag

On 05/07/11 21:54, Jan Ingvoldstad wrote:
> On a general basis, I recommend against using SPF, but if one "must" use
> SPF, remember to NOT set it restrictively.
>
> That is: never, ever use "-all" or similar constructs that restrict message
> handling to a few hosts, unless you are absolutely certain that messages
> will NEVER exit your private/company network.
>
> Pain ensues if it does.

That's generally the idea of SPF though - tell the world where your
email is allowed to come from, and anyone else is forging your domain
can be safely dropped on the floor.

I've been running SPF on all my domains for many years now (when did it
come out again?) because I only allow allow emails to be sent via SMTP
AUTH. I've even got most of the client domains configured this way.

The only problem I've had recently was a parent company of one of my
clients forwarding emails without SRS. Semi-legitimate and yet easy to
fix because of the business relationship.