DKIM/SPF usage

steven_geerts · ‎10-21-2007

Hello,

How many of you are using SPF or DKIM to advertise your sending mail severs?
For those who use any (or both), I'm interested in your experiences with it in general and more specific: the problems/challenges you faced during the implementation of it.
One of the problems I see for us is the fact that we do not know what ISP's send legitimate mail using our domains.
If we miss an ISP that hosts a application for us and sends mail from the app, what will be the impact?
Are there solutions to minimize the impact?

Regards, Steven

jasongurtz · ‎10-29-2007

We use both and so far the experience has only been positive. We had an issue with DKIM where the record was too long for a DNS implementation, but got around that.

My advice is that if there are outside hosted apps sending email purporting to come from your domain, then they should be configured to authenticate and send through a server you are in control of (a smart host if you will). Basically the same situation as a traveling laptop user, only it doesn't travel. If you can't do that, just find out what the IP is of the machine hosting the app and add it to your SPF record of authorized senders.

Donald Nash · ‎10-31-2007

I voted for "we use both", but we don't really use DKIM, we just use DK. We're not running 5.5 yet.