Monday, October 23, 2006

Inbound spam from your own domain

Another in the series of "I'm fed up explaining it, click here to read my blog on it" articles.

So you get emails in to your org "from" admin@yourdomain.com telling punters about the security issues and blah blah blah. Obviously spam to anyone with double digits of brain cells. So what to do about it? Many of you run GFI MailEssentials, but either way, you ought to be running some form of anti-spam software that checks SPF records.

Wassat den?

Oh Lordy. Sender Policy Framework.

My Corp has one mail server, mail.mycorp.com, which of course runs Exchange 2003 SP2. Not that it matters, but I'm hardly going to advocate some other product. So at the moment, any fool can send bucketloads of spam out "as" info@mycorp.com. Undeliverables return to "sender". Of course, this spam can actually go to john.williams@mycorp.com and he thinks it is internal.

But fairly obviously it did not come from your own server and you'd like to block it. If everyone does this, spam stops.

How?

Sender Policy Framework. A posh way of saying "Go check the SPF record in DNS. If the inbound email actually comes from my mail server, let it in, otherwise bin it."

So here is my mycorp.com domain. On my public DNS (no sense doing it and telling nobody), you add a record "v=spf1 mx -all" or similar (check http://www.openspf.org/ and run their wizard to get the right syntax). Anyone receiving email from me can check my SPF entry to see if the email that says it is from me actually came from my server.
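What the receiving side does with that record, as an added example that is not part of the original post: a cut-down SPF evaluator run against a constructed DNS table for mycorp.com. The IP addresses and the `lookup`/`check_spf` names are assumptions for illustration, and only the `all`, `mx`, `a` and `ip4` mechanisms are handled.

```python
import ipaddress

# Constructed DNS data for the post's example domain (documentation IP ranges).
DNS = {
    ("mycorp.com", "TXT"): ["v=spf1 mx -all"],
    ("mycorp.com", "MX"): ["mail.mycorp.com"],
    ("mail.mycorp.com", "A"): ["203.0.113.25"],
}
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def lookup(name, rtype):
    """Stand-in for a DNS query; returns [] when the record does not exist."""
    return DNS.get((name.lower(), rtype), [])


def check_spf(client_ip, mail_from):
    """Evaluate the sender domain's SPF policy for the connecting IP."""
    domain = mail_from.rsplit("@", 1)[-1]
    ip = ipaddress.ip_address(client_ip)
    records = [t for t in lookup(domain, "TXT") if t.split()[:1] == ["v=spf1"]]
    if not records:
        return "none"        # domain publishes no policy, nothing to enforce
    if len(records) > 1:
        return "permerror"   # more than one SPF record is a publishing error
    for term in records[0].split()[1:]:   # terms are tested left to right
        qualifier = term[0] if term[0] in RESULTS else "+"
        mech, _, arg = term.lstrip("+-~?").partition(":")
        mech = mech.lower()
        if mech == "all":
            matched = True
        elif mech == "ip4":
            matched = ip in ipaddress.ip_network(arg, strict=False)
        elif mech == "a":
            matched = client_ip in lookup(arg or domain, "A")
        elif mech == "mx":   # connecting IP must belong to one of the MX hosts
            hosts = lookup(arg or domain, "MX")
            matched = any(client_ip in lookup(h, "A") for h in hosts)
        else:
            return "permerror"   # term outside the subset handled here
        if matched:
            return RESULTS[qualifier]
    return "neutral"   # nothing matched and the record has no "all" term


if __name__ == "__main__":
    for src in ("203.0.113.25", "198.51.100.7"):
        print(src, check_spf(src, "info@mycorp.com"))
```

A real SPF check evaluates the envelope sender given in the SMTP MAIL FROM command, which can differ from the From: header the user sees in the mail client.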

Cut down on spam, cut down on support calls, cut down on user confusion. Now don't be sad. Cos 2 out of 3 ain't bad....
