Find solution
How to generate SOAP message with WCF?

For those of you whose organizations generate serious email traffic, have you implemented DKIM and/or SPF? If so, how are you and your email intermediary 'stewards' making use of it?

  • DomainKeys Identified Mail (DKIM) lets an organization take responsibility for a message while it is in transit.  The 'organization' referred to here is a 'steward' of the message, either as its originator or as an intermediary -- that is, an organization that takes responsibility for a message's conveyance.   Sender Policy Framework (SPF) is an e-mail validation system designed to prevent e-mail 'spam' and phishing by tackling source address spoofing, a common vulnerability. SPF allows administrators to specify which hosts are allowed to send e-mail from a given domain by creating a specific SPF record in the public Domain Name System (DNS). Mail exchangers (intermediary 'stewards') then use the DNS to check that mail from a given domain is being sent by a host sanctioned by that domain's administrators.   The point of this question: - Which of the methods (or both?) are in general use, and to what degree? - By putting DKIM and/or SPF in place, are the intermediaries (over which the sending organization has little control) actually making use of them? - How are DKIM and SPF being used? Are you, as the originating organization being informed of authentication failures?  - Are DKIM and SPF information being used to provide additional information, regarding deliverability?  - Are the major email stewards of the internet, such as Yahoo!, GMail or MSN using this information as part of a forensic analysis of intentional email spoofing and phishing?

  • Answer:

    I've looked into SPF a little recently.  The main concerns about it are that it is inconsistently applied in different domains, so you never know whether non-validated mail will be marked as spam, or ignored, and also that as a sender you don't have any way to confirm messages are being received. For example if I send you a mail to your work address you may have all mail at that address automatically forwarded to a personal address where you read it. When the mail arrives at your personal address the sender domain will not appear to be valid and it could be marked as spam or fail to be delivered.  I receive no notification of this failure. Currently we have an IP lock in place to prevent us receiving mail internally from any domain spoofing under our address, but this does not prevent mail being spoofed to addresses outside out domain.

Nick Woodcraft at Quora Visit the source

Was this solution helpful to you?

Other answers

Excellent Quora question After months of testing (and although) we have not yet reached an exact verdict, it appeared that the use of ~all vs. -all at the end of the (spf) txt record for our many google app domains had little effect in the way the various spam gateways and recipients read the headers. It did not in itself (either) stop our mail domain being hi-jacked. Good news: What IS interesting that the recent inclusion of the DKIM txt record Google will so kindly generate now in our (apps) dashboard, appears to immediately interdict the hijacking of our addresses outside the domains we have implemented it in. i.e. (txt rec) google._domainkey - v=DKIM1; k=rsa; t=y; p=gobbledegouk . . .

Stu Rader

Related Q & A:

Just Added Q & A:

Find solution

For every problem there is a solution! Proved by Solucija.

  • Got an issue and looking for advice?

  • Ask Solucija to search every corner of the Web for help.

  • Get workable solutions and helpful tips in a moment.

Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.