Click below to Expand the Menu!
|
| SPF has been implemented by ISPs worldwide to reduce Spam and Viruses |
|
Mail
Senders:
If you are trying to send emails into 1USA and
you clicked to read this page, Good!
1USA
customers are protected - better than any other ISP
service. To send emails to the 1USA customer, simply click on
the Verify Link in the email sent to you.
Mail Server administrators:
Some spammers
out there are sending out spams and faking the From email
address or the Reply-To email address... using various real
@aol.com, @msn.com, @juno.com, @gmail.com, @1usa.com and other email
addresses.
Those emails do not originate from the true
domains.
The solution: Have your Mail Server reject an email if
it doesn't arrive from the real domain. Please implement SPF on your
inbound mail server.
SPF
= Sender Policy Framework
All major ISPs use it:
AOL uses SPF... Earthlink uses SPF... Hotmail uses SPF...
surprisingly, Juno.Com now uses SPF !!
TampaBay.RR.Com now has it ...
PTD.Net finally has it...as of 6/13/2005,
Heck, even WebTV.Net
is using it!
Major Companies use it:
eBay uses SPF... PayPal uses SPF... DiscoverCard uses SPF...
Hertz.Com uses it... Chase Manhattan Bank...
even Avis Rent-a-Car !!
Your ISP should use it too!
http://spf.pobox.com has a utility to configure your DNS correctly within 3 minutes.
All Mail Server Software out there supports
SPF. Contact your software vendor for advice.
SPF means Sender Policy Framework.
With SPF turned on, your Mail Server would:
- Outgoing mail: Allow you to control which servers are authorized to use your Domain
Name. This will stop spammers from using your domain name without your permission.
- Incoming mail: Will reject any fake email pretending to be 'from' domains that
are actually coming from somewhere else - (usually a virus-infected computer somewhere).
This will lighten the load of your mail server... probably by 50%.
|
The below sample Email Header says that the sender's email address is at BlueYonder.Co.UK,
and when Replying to the email, the reply would go to prod-infinitum.com.mx in Mexico.
The email coming into 1USA is received from houston.roadrrunner.com (which is probably a hacked computer on a broadband
connection.) It's IP address is 68.206.26.207 (or supposedly so.)
Is there any question in your mind
if this is a spam or not?
Return-path: <gaitanwalter@prod-infinitum.com.mx>
Received: from cs6820626-207.houston.rr.com (cs6820626-207.houston.rr.com [68.206.26.207]) by home.1usa.com
(Vircom SMTPRS 3.1.300.0) with SMTP id <B0000844963@home.1usa.com> for <d2882@1usa.com>;
Sun, 22 Aug 2004 19:11:06 -0400
Received: from 66.205.222.80 by 199.224.105.27; Mon, 23 Aug 2004 09:28:42 -0700
To: <dgener8 @1usa.com>
From: <yadira.smiley@blueyonder.co.uk>
Reply-To: <yadira@blueyonder.co.uk>
Subject: Fwd: Va.l.ium _ V|@GRA , X@nax ` V1codin/ .P.ntermin % .S.oma gffnulsynmrh
Date: Mon, 23 Aug 2004 08:29:42 -0800
Message-ID: <XNJUJNUQQDYATBTYEPWBOYOGWILE@qhvyc.%MAILING_DOMAIN>
MIME-Version: 1.0
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 |
The old way:
Think about this for a minute:
Someone on a server out there somewhere in La-La Land is sending out mail using your domain name and you have absolutely no control over
it!
SPF fights email address forgery and makes it easier to identify spams, worms, and viruses.
As ISPs, companies (or anyone who manages a Mail Server) activate SPF support, those Domain owners identify their
sending mail servers in their DNS.
They say "All email from our Mail Servers will originate
from this list of IP addresses. If an email From @MyDomain originates from an IP address that's not ours, then
it's not a Legit email".
Important: Setup your SPF Record in your DNS using the "-all" (with a dash) - not the "~all"
(with a tilde).
How it works:
As an email arrives, your Mail Server Software will verify the sending ISP's SPF entry in their DNS, and can distinguish
legitimate mail from spam before the rest of the message is received, and can abort the connection.
When you're processing more than 4 million emails per day, a savings of 25% means a lot.
Restated: Emails coming into 1USA can be verified that they originate from an authorized Mail Server that's authoratative
for the From_Address.
Restated for the example above: If 68.206.26.207is not on BlueYonder.Co.UK's list of authorized Mail Servers, then
the mail sender is lying, and 99% of the time the incoming mail will be a Spam.
Since our 1USA customers don't want to be deceived, they choose to not even receive an email from a liar.
Because Spammers rely on having millions of people read their email, if we mark the Subject line with [No SPF]
we hope that everyone will delete the email without reading it.
1USA also allows its customers to choose to delete all emails that fail the
SPF Test without even reading them -- as 96% of them are spams anyway.
However, some legitimate people can get caught in the process un-knowingly:
If someone you know is connected to Earthlink and sends out email using a Hotmail address, they should know that
ISPs and Companies around the world will probably refuse the email.
Likewise, when a 1USA customer connects to a 1USA Email account, they need
to use their assigned @1usa.com email account (or their assigned @company.com account).
If your company doesn't yet have "Spam-proof" email service, you should give some serious thought to having 1USA be your Email Host.
BarryZ
www.1usa.com |
|
|
|
If you are receiving virus-infected or spam-infected emails pretending to be from 1USA or its subsidiaries, we suggest that you setup your mail server the same
way that AOL does.
http://postmaster.info.aol.com/spf/ has more information on how AOL has SPF set up.
To block further instances of fake email,
you should add an SPF entry into your DNS. http://spf.pobox.com has a utility to configure your DNS correctly within 3 minutes.
|
Click here to make 1USA.Com your homepage
,
.