[opendmarc-users] opendmarc & smf-spf

Benny Pedersen me at junc.eu
Mon Nov 30 07:12:25 PST 2015


A. Schulze skrev den 2015-11-30 15:38:
> Am 30.11.2015 um 11:52 schrieb Django [BOfH]:
>> How good is opendmarc's own spf-implementation? Is it robust enough 
>> for
>> production.use? Or exists a nother milter for spf review?
> 
> I do not use nor recommend opendmarc's own spf-implementation.

why not ?

> but prefer smf-spf with my own set of patches 
> (https://andreasschulze.de/spf)

neat patches, but i dont use smf-spf

would it not make sense to make opendmarc spf safe(r) on its own ?

yes i have sayed it before and properly again :(

make opendkim sign only, and make opendmarc verify spf / dkim

and opendkim could still do the verify aswell, redesign librarys to 
latest rfcs that is then used in openspf/opendkim/opendmarc, that way we 
make sure all is up2date with latest rfcs, but stiill have the 
flexibility to install and use as we wish

> Also remember that SPF-Results added by a postfix policy daemon
> require a recent version of postfix ( > 2.10.x ? )
> A SFP-Milter work also with older postfix versions.

same does pypolicyd-spf

see headers from this maillists here breaks dkim :(


More information about the opendmarc-users mailing list