moveson at gmail.com
Thu Aug 16 17:06:19 MDT 2012
On Thu, Aug 16, 2012 at 4:54 PM, John Shaver <bobjohnbob at gmail.com> wrote:
> On Thu, Aug 16, 2012 at 4:09 PM, Merrill Oveson <moveson at gmail.com> wrote:
>> Pretend we are xyz company. So my email is moveson at xyz.com. xyz
>> email is hosted thru gmail.
>> Some of our users got an email from support at xyz.com.
>> Now our support team never send the email. It's obvious spam.
>> The question is: If we flag the email as spam, are you flagging
>> support at xyz.com as spam,
>> or is gmail smart enough to know to flag the sent from ip address?
> This is called email spoofing. If wanted to, I could send you an
> email as bill at microsoft.com and it would come through fine. If they
> flag it as spam, then, in most spam systems, it will affect legitimate
> emails from the same email address.
> The most common defense I've seen people try to use for this is SPF
> records. You can specify SPF information in your DNS TXT records that
> specify which servers are allowed to send out mail from your domain.
> Unfortunately, people don't always send email out through your SMTP
> server. When they are away from the office, they may want to send
> mail from their home connection and their ISP may require them to send
> out mail via their SMTP server and block ports otherwise (this is very
> common among the big ISPs). This means that legitimate mail will be
> flagged due to SPF records. I see very few large companies using
> solid SPF records on their domain for this reason. Most are just set
> to flag, but not deny mail from other servers.
> The other issue is that many mail servers do not even check SPF
> records and aren't required to, although I think most do.
>> It drives me crazy that gmail doesn't show the full headers.
> Even if you showed full headers, it would be very difficult to know
> who the mail actually came from and if it was legitamate if you don't
> know how to read email headers and see what servers we can confirm
> they went to (gmails servers only know which server handed them the
> mail, any other relays could be faked in the headers).
> More info on email spoofing:
> and Sender Policy Framework:
> -John Shaver
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
Thanks for the responses...
Yeah, I have an spf1 record in my DNS for our domain.
I guess gmail didn't bother to read it, or it's set up wrong. ?
ie.: v=spf1 a mx ?all
Or does gmail require a special spf1 record setup in their DNS?
More information about the PLUG