Hey all - thanks for taking the time, and I apologize because I KNOW this
has been addressed, but I can't seem to understand it in the context of my
setup, so I am going to risk asking it specifically for my situation.
We use a remotely hosted server, and my confusion lies in what I need to add
to the list of allowed hosts (is a "host" in this context an MTA, a gateway,
or a user).
It's obvious that I need to add "mail.example.com" (our MTA) to the record.
What is much less obvious to my simple, pea-sized brain is whether or not to
include the following:
I access the server through an sbcGlobal dsl account with dynamic ip, and my
office access the server through a charter account with static ip. We
authenticate the SMTP session and send the mail - however, all the MTA
action is taking place from mail.example.com on a single ip - we have no
aliased gateways or smarthosts.
My question is, do I need to include the accounts that ACCESS our server to
send mail (sbcglobal and charter), or are we just dealing with MTA hosts -
in this case only the single mail.example.com?
I can see the logic (benefits and pitfalls) either way. If the SPF is just
checking the MTA, then it would only filter spoofed servers and not do much
against harvesting. If it verifies the pipe the user used to access the
MTA, then that is some serious filtering, but also some serious
recordkeeping (every user on a dynamic ip would have to have a dDNS record
for their home, office, smartphone, etc.)
So do I JUST use the wizard to set up a single ip for our MTA, or add every
accessing account I can think of to the MX include?
Thanks, and again I apologize for asking such an over-asked question. I
just don't understand any of the answers.
Shannon
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com
has been addressed, but I can't seem to understand it in the context of my
setup, so I am going to risk asking it specifically for my situation.
We use a remotely hosted server, and my confusion lies in what I need to add
to the list of allowed hosts (is a "host" in this context an MTA, a gateway,
or a user).
It's obvious that I need to add "mail.example.com" (our MTA) to the record.
What is much less obvious to my simple, pea-sized brain is whether or not to
include the following:
I access the server through an sbcGlobal dsl account with dynamic ip, and my
office access the server through a charter account with static ip. We
authenticate the SMTP session and send the mail - however, all the MTA
action is taking place from mail.example.com on a single ip - we have no
aliased gateways or smarthosts.
My question is, do I need to include the accounts that ACCESS our server to
send mail (sbcglobal and charter), or are we just dealing with MTA hosts -
in this case only the single mail.example.com?
I can see the logic (benefits and pitfalls) either way. If the SPF is just
checking the MTA, then it would only filter spoofed servers and not do much
against harvesting. If it verifies the pipe the user used to access the
MTA, then that is some serious filtering, but also some serious
recordkeeping (every user on a dynamic ip would have to have a dDNS record
for their home, office, smartphone, etc.)
So do I JUST use the wizard to set up a single ip for our MTA, or add every
accessing account I can think of to the MX include?
Thanks, and again I apologize for asking such an over-asked question. I
just don't understand any of the answers.
Shannon
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com