Brad Fitzpatrick (bradfitz) wrote in lj_dev,
Brad Fitzpatrick

SPF records

Now that AOL is even publishing SPF records, I figure it's not a dorky dream that'll get nowhere, and LJ might as well support it as well!

$ dig @ txt | grep spf 3600 IN TXT "v=spf1 a mx ip4: ?all"

Unfortunately, I couldn't use "-all" (the strict mode), because I figure there are people who are sending mail from just by forging their return address (if they have a paid account, they can get the reply).

We could deprecate that, if we gave people an alternate means to send mail (SMTP AUTH, Webmail, ?) but then we have to deal with spammers, paying $2.50/month for access to our outbound SMTP servers. I suppose we could just limit the number of outgoing emails/hour/day or something per user.

Anyway, just a heads up that you can now make your SpamAssassin give negative points to LJ emails now, since they can be authenticated as coming from us.

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded