How a spoofed email passed the SPF check and landed in my inbox
URL Copied
Rene Holt writing for We Live Security has shared a recent tale that gives me pause: What can go wrong if you get your SPF record wrong. Usually the risk here is that you make your SPF record too restrictive, resulting in the rejection of legitimate mail. But here's an alternate case -- what if your SPF record is so wide, so broad, that bad guys can easily send spam from certain IPs and pass authentication checks, successfully pretending to be you (or at least, successfully sending from your domain).
I think the moral of the story is that you've got to get SPF right, both in how tight and how loose your SPF record should be. Don't just blindly add a zillion IP addresses because somebody told you to; investigate and question and review.
Rene Holt writing for We Live Security has shared a recent tale that gives me pause: What can go wrong if you get your SPF record wrong. Usually the risk here is that you make your SPF record too restrictive, resulting in the rejection of legitimate mail. But here's an alternate case -- what if your SPF record is so wide, so broad, that bad guys can easily send spam from certain IPs and pass authentication checks, successfully pretending to be you (or at least, successfully sending from your domain).
I think the moral of the story is that you've got to get SPF right, both in how tight and how loose your SPF record should be. Don't just blindly add a zillion IP addresses because somebody told you to; investigate and question and review.
Rene Holt: How a spoofed email passed the SPF check and landed in my inbox
Comments
Post a Comment
Comments policy: Al is always right. Kidding, mostly. Be polite, please and thank you.