Have you started asking your business partners, vendors, colleagues, and customers to start publishing their own SPF records?
If you are an ISP are you helping your customers to publish their SPF records?
Have you read where Microsoft is going to start sending email to hotmail.com customer's bulk (junk) mail box if there is no SPF record or no Sender ID record starting in November 2005?
To answer the questions I'm asking:
1. We believe SPF is going to win out over Yahoo Domain Keys or Micosoft's Sender ID.
2. Yes, we've published our own SPF records.
3. Yes, we've started contacting all business relationships encouraging them to publish their SPF records; and when we have been able, we've actually provided recommendations on the SPF records to publish.
4. Yes, we are helping our customers. We use H-Sphere 2.4.3 and it incorporates SPF. Customers who have simple SPF record needs just click on a button to turn on SPF. Customers with custom needs can publish a custom TXT record.
5. Yes; and that gives us a push on what we are doing in the world of fighthing email spoofing.
I'm familiar with the older discussion that stopped on 6/17 along with going off tangent <smile>.
I was hoping to get some input on the recent news (which came after 6/17, at least from the news sources we have access) about Microsoft stating hotmail.com will place email to hotmail.com subscribers into junk mail if there is no spf or sender ID record in place.
We have sent out several emailings to our customers; and are currently working on sending out a mass postal mailing (yes, regular mail) encouraging our customers to work with us and their partners to publish the appropriate SPF records.
We have contacted all of our partners who either publish non recommended SPF records (such as "+all" at the end) or don't publish SPF records asking them to start publishing; and when we are able actually providing SPF record recommendations for their use.
Have any of you started a dedicated move forward with SPF?
Have you encountered any road blocks?
Do you believe you will have most of your customer base publishing their SPF records by or before this November 2005?
P.S. Corey, thank you very much for your posts. I hope others will provide feedback as well.
I currently run shared servers only but, they all have SPF records into the DNS record template. Secondly, I'm going to offer hardened dedicated boxes that include SPF records in the template already. I think it's a good move.
MediaLayer, LLC - www.medialayer.comLearn how we can make your website load faster, translating to better conversion rates for your business!
The pioneers of optimized web hosting, featuring LiteSpeed Web Server & SSD Storage - Celebrating 10 Years in Business
From a provider stand point, we face consumer awareness -- they know spoofing is a problem, but SPF is geek to them -- tied to complexity.
The complexity steps from being aware that one's SPF records has to deal with all domains, machine names, etc. that can send out email or be abused, but must include the SPF record of any 3rd parties which may send out email on behalf of the said domain / machine names.
For instance, if you utilize Authorize.net, and have Authorize.net send out credit card receipts to your customers, then you need to include their SPF record as part of your own so that email they send out claiming it is coming from you gets through ok.
We are also seeing mixed results from very large companies.
While we see more and more fortune 1000 on up companies publishing their SPF records, some like Sprint PCS do not. Then it gets to be a matter of how to get in touch with them to encourage them to do so.