Updated SPF how to (markdown)

2024-11-21 18:41:36 +01:00 · 2019-06-05 20:17:12 +02:00 · 2019-06-05 20:17:12 +02:00 · 386270be51
commit 386270be51
parent 77e639d027
1 changed files with 1 additions and 0 deletions
--- a/SPF-how-to.md
+++ b/SPF-how-to.md
@ -11,6 +11,7 @@ Our current e-mail infrastructure was originally designed for any mail sending h
 * The sender address shown to the user ("RFC5322.From") is not used when authenticating. SPF uses the invisible "RFC5321.MailFrom" header. Combining SPF with DMARC removes this disadvantage. 
 * E-mail forwarding is not supported, since the e-mail is often forwarded by another e-mail server.
 * SPF does not work between domains that use the same e-mail server.
+* Parked domains should be explicitly configured to not use e-mail. For SPF this is done with an empty policy and a hard fail: "v=spf1 –all".

 # Outbound e-mail traffic (DNS records)
 SPF for outbound e-mail traffic is limited to publishing an SPF policy as a TXT-record in a domain name's DNS zone. This enables other parties to use SPF for validating the authenticity of e-mail servers sending e-mail on behalf of your domain name.