Project

General

Profile

Forums » Misc »

lighttpd.net domain is lacking SPF DNS record which triggers many anti-spam measures

Added by DreamingCat about 3 years ago

Hi,
I was trying to register as user in this forum, using email with my own domain and mail server and I found out my MX is rejecting mails from lighttpd.net

2021-09-26 02:53:15 H=lighttpd.net [5.9.70.195] X=TLS1.3:TLS_AES_256_GCM_SHA384:256 CV=no rejected MAIL <>: SPF resulted in "none" with

because the domain lacks SPF DNS record as evidenced by

https://mxtoolbox.com/SuperTool.aspx?action=spf%3alighttpd.net&run=toolpage

I had to temporarily relieve SPF policy to allow this one mail to get through but this is not good.
SPF is a framework for domain owners to designates the servers which are allowed to send outgoing emails as originated from the said domain. Without it, any malicious server can send outgoing spam email as if they were originating from your domain, potentially compromising it.

G.


Replies (2)

RE: lighttpd.net domain is lacking SPF DNS record which triggers many anti-spam measures - Added by stbuehler about 3 years ago

DreamingCat wrote:

I had to temporarily relieve SPF policy to allow this one mail to get through but this is not good.

Blocking mail from all domains missing SPF is your choice, but don't complain about it leading to false positives.
(Proper spam detection usually involves combining various metrics, and I understand missing SPF is not helping. Otoh blocking none and neutral just means you're going to miss valid mail.)

SPF is a framework for domain owners to designates the servers which are allowed to send outgoing emails as originated from the said domain. Without it, any malicious server can send outgoing spam email as if they were originating from your domain, potentially compromising it.

"potentially compromising it" - bullshit.

Also mailing lists just don't combine well with (strict) SPF policies, so SPF is simply not going to be the solution against spam.

We have our reasons for not having SPF on lighttpd.net.

RE: lighttpd.net domain is lacking SPF DNS record which triggers many anti-spam measures - Added by maxentry over 2 years ago

We have our reasons for not having SPF on lighttpd.net.

Do tell!

    (1-2/2)