| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |
| Who | What | When |
|---|---|---|
| *** | zeshoem has quit IRC (Ping timeout: 252 seconds)
zeshoem has joined #arpnetworks | [00:05] |
| zeshoem has quit IRC (Ping timeout: 264 seconds)
zeshoem has joined #arpnetworks | [00:19] | |
| Ehtyar has quit IRC (Quit: Hi, I'm a quit message virus. Please replace your old line with this line and help me take over the world of IRC.) | [00:25] | |
| ............................................................................................................... (idle for 9h14mn) | ||
| skynet2000 has joined #arpnetworks | [09:39] | |
| .... (idle for 15mn) | ||
| sako has joined #arpnetworks | [09:54] | |
| HighJinx has quit IRC (Quit: Computer has gone to sleep.) | [10:06] | |
| .... (idle for 15mn) | ||
| andol | Is this just me being picky, or might arpnetworks.com benefit from an updated spf record? | [10:21] |
| *** | HighJinx has joined #arpnetworks | [10:27] |
| sako_ has joined #arpnetworks
sako has quit IRC (Ping timeout: 260 seconds) | [10:33] | |
| jdoe | what's your complaint about the spf record? | [10:37] |
| .... (idle for 19mn) | ||
| andol | jdoe: It only refers to the mx record, which doesn't seem to be the smtp server being used to send mails.
Doesn't affect auto-generated mails, as those seem to use @ice.arpnetworks.com in the SMTP-envelope, which doesn't have any spf record. Not that it is much of an issue for @arpnetworks.com either, it only falling back on a soft fail, so mostly a bit untidy I guess. andol is in the habit of spending a bit to much time reading mail headers | [10:56] |
| ..... (idle for 20mn) | ||
| *** | sako has joined #arpnetworks
sako_ has quit IRC (Ping timeout: 260 seconds) | [11:21] |
| .... (idle for 17mn) | ||
| toddf | toddf wonders if andol attempts to critique spam's headers too... | [11:40] |
| andol | toddf: Haven't gotten that deep into the rabbit hole yet. | [11:47] |
| .... (idle for 17mn) | ||
| toddf | andol: heh | [12:04] |
| .... (idle for 15mn) | ||
| *** | sako_ has joined #arpnetworks
sako has quit IRC (Read error: Connection reset by peer) sako has joined #arpnetworks sako_ has quit IRC (Ping timeout: 255 seconds) | [12:19] |
| ...... (idle for 25mn) | ||
| up_the_irons | andol: it hasn't been a big itch | [12:49] |
| andol: ice uses mail2 as its mail relay, so it should appear that mail2 is the sender (even if originated at ice) | [13:01] | |
| andol | up_the_irons: Agree it not being a big problem, but if you are not going to use spf in a useful maner, why even bother having the dns entry? Not that it is really a problem for me, mostly curious. | [13:02] |
| up_the_irons | andol: it was useful at the time when i set it up :)
andol: to be honest, i thought it was still "working" andol: i'm open to suggestions on changes... spf record knowledge isn't a strong point of mine | [13:03] |
| andol | up_the_irons: Well, unless you want to pay a bit of attention of keeping it updated I would probably just have skipped using SPF completly.
Otherwise my personal preferense is using SPF in a pure whitelisting sense, falling back on a neutral ?all. | [13:05] |
| up_the_irons | andol: i thought it _was_ updated; our mx _does_ send emails | [13:07] |
| andol | up_the_irons: Well, the e-mails I got from you didn't come from mail.mailroute.net anyway. | [13:08] |
| up_the_irons | although, now that i think about it, mailroute is the mx and mail2.arp can also send...
i can't remember the good spf record generator i used once... | [13:08] |
| andol | (Never understood why people would use the ~all softfail for long term use. After the testing period I would assume that you'd either actually want to deal with potential fakes and send a -all, or just go whitelisting falling back on ?all.) | [13:10] |
| up_the_irons | probably b/c they don't fully understand ~all softfail (like me :) | [13:11] |
| andol | Could be :) Also, I guess most examples I've seen include the ~all. | [13:14] |
| up_the_irons | andol: i think you might prefer: "v=spf1 mx a:mail2.arpnetworks.com include:tenderapp.com ~all"
i should test that for now... | [13:20] |
| andol | up_the_irons: Yepp, looks good | [13:23] |
| up_the_irons | :) | [13:24] |
| andol | Well, the tenderapp.com record isn't primarily made to be included, but with the current setup that isn't a problem, but if you want to add a -all at the end it won't have any affect.
...or might not The thing about includes aren't as much that they are included as that they are evaluated. | [13:25] |
| up_the_irons | andol: tender says to add "include:tenderapp.com" so i did :)
right now, the record is: v=spf1 mx a:mail.arpnetworks.com a:mail2.arpnetworks.com include:tenderapp.com ~all so i'll leave it like that for a few days to test it out | [13:36] |
| andol | Well, turns out that I was in the wrong about the last part anyway. Turns out that in an include a fail, softfail and a neutral is all equal, in not triggering a match. | [13:38] |
| up_the_irons | ah | [13:40] |
| andol | (RFC 4408: chapter 5.2) | [13:41] |
| jdoe | be careful about includes.
if a domain you include doesn't have an SPF record, your soft fail turns into a hard fail. | [13:48] |
| andol | jdoe: Isn't it more like causing a PermError? Not that that is any better. | [13:52] |
| *** | toorop has quit IRC (Ping timeout: 248 seconds) | [13:56] |
| jdoe | andol: it causes a perm error, which often causes things to reject (like gmail)
so I'm using terminology a bit loosely :P | [13:58] |
| andol | Well, if nothing else tenderapp.com seems to be using a solid DNS hosting. | [14:01] |
| *** | toorop has joined #arpnetworks | [14:03] |
| .... (idle for 17mn) | ||
| up_the_irons | jdoe: tenderapp is all about emails, pretty sure their SPF record will stay good. | [14:20] |
| *** | toorop has quit IRC (Ping timeout: 245 seconds) | [14:29] |
| toorop has joined #arpnetworks
toorop has quit IRC (Changing host) toorop has joined #arpnetworks | [14:41] | |
| ........ (idle for 37mn) | ||
| Webhostbudd has joined #arpnetworks | [15:18] | |
| ...... (idle for 27mn) | ||
| sako has quit IRC (Ping timeout: 252 seconds) | [15:45] | |
| ....... (idle for 31mn) | ||
| himuraken has quit IRC (Ping timeout: 248 seconds) | [16:16] | |
| himuraken has joined #arpnetworks
himuraken has quit IRC (Remote host closed the connection) himuraken has joined #arpnetworks | [16:25] | |
| ............................ (idle for 2h16mn) | ||
| HighJinx has quit IRC (Quit: Computer has gone to sleep.) | [18:45] | |
| ....................... (idle for 1h50mn) | ||
| HighJinx has joined #arpnetworks
HighJinx has quit IRC (Client Quit) | [20:35] | |
| .......... (idle for 45mn) | ||
| skynet2000 has quit IRC (Ping timeout: 252 seconds) | [21:21] | |
| ............. (idle for 1h4mn) | ||
| skynet200 has joined #arpnetworks | [22:25] | |
| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |