1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Enable SPF spam protection

Discussion in 'Plesk for Linux - 8.x and Older' started by Pagemakers, Mar 30, 2006.

  1. Pagemakers

    Pagemakers Silver Pleskian

    31
    80%
    Joined:
    Dec 19, 2007
    Messages:
    664
    Likes Received:
    7
    Can somebody explain what the 'Enable SPF spam protection' feature is for on the Mail page.

    Is it supposed to be used in conjunction with Span Assassin?

    Does it work well and what is the best setting to have it on?
     
  2. CruzMark

    CruzMark Basic Pleskian

    24
    23%
    Joined:
    Mar 6, 2006
    Messages:
    84
    Likes Received:
    0
  3. Cranky

    Cranky Guest

    0
     
    The "safest" setting to ensure you don't lose genuine email that is sent from domains not using SPF yet is "reject if spf resolves to fail".
     
  4. atomicmak

    atomicmak Guest

    0
     
    what are other options ?

    SPF local rules

    SPF guess

    SPF explanation text
     
  5. atomicmak

    atomicmak Guest

    0
     
    it would be good if someone expert post a good guide for hosting server with plesk to setup easy SPF to protect from spammers.

    everything step by step.
     
  6. Pagemakers

    Pagemakers Silver Pleskian

    31
    80%
    Joined:
    Dec 19, 2007
    Messages:
    664
    Likes Received:
    7
    Yes Please
     
  7. Moretocome

    Moretocome Guest

    0
     
    Did you guys check out the Help/Admin's Guide for Plesk 8?
    I guess there should be the information you need.
     
  8. Cranky

    Cranky Guest

    0
     
    It's covered in Plesk interface help.
     
  9. atomicmak

    atomicmak Guest

    0
     
    what about spf guess and other next textbox used for ?

    as in plesk help its too short note on what is spf is all about.

    i was thinking to get help to set parameter suitable for hosting server.

    if there is any routine regular expression not to strict policy or other kind of.

    as newbie for SPF i was looking for that help.

    as i read somewhere that there is something to do with dns record too for SPF. if someone can help on this.
     
  10. eilko

    eilko Regular Pleskian

    28
    73%
    Joined:
    Aug 1, 2001
    Messages:
    468
    Likes Received:
    4
    Location:
    Enschede, Netherlands
    read all about it on http://www.openspf.org/
    use their wizard to get the right DNS change
    make the DNS change in your server
    read the Pleskdocumentation about the other settings, they even give advice on what you should put there.
     
  11. Pagemakers

    Pagemakers Silver Pleskian

    31
    80%
    Joined:
    Dec 19, 2007
    Messages:
    664
    Likes Received:
    7
    Plesk recommend: "To accept all incoming messages regardless of SPF check results, select the Create only Received SPF-headers, never block option from the SPF checking mode drop-down box. This option is recommended."

    What will that setting to?

    Basically, is it a good or a bad idea to enable SPF spam protection and select one of the two options mentioned here?
     
  12. terrion

    terrion Guest

    0
     
    There's a wizard on openspf.org that will help walk you through setting up your spf options, but like everyone else I'm a bit hesitant to do much with it yet.
     
  13. pixeline

    pixeline Guest

    0
     
    SPF for dummies ;)

    Basically, the two direct benefits of SPF i found are :

    - ensuring a spammer/virus/trojan cannot send emails using your email address in the FROM field of the email.

    - get legitimate emails to go through hotmail (and others of course) junk filter, and not be detected as spam.

    I would describe SPF as a process by which a mailserver, when receiving an email with a "From field" indicating a domain hosted on your servers, can check that the mail server that did send the emails is listed as a legitimate server by the domain's DNS manager (you i suppose). He does so by requesting the SPF record of the email from field domain name.
    [​IMG]

    The originating domain mail server will then reply either with:
    - yes, it is valid (mail server is listed in my allowed mailservers ip addresses);
    - no, it is not valid (mailserver not listed in my allowed mail servers ip addresses);
    - failed = no spf record available
    - dunno = spf record does not give an exclusive list of mailservers.

    Microsoft did a SPF wizard that i found much better than the one listed above:

    http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/default.aspx

    Now, attention please: when creating your SPF record, list your allowed mailservers (possibly mail.<domain>) but don't forget your users might be accessing the internet with an ISP obligating them to use the ISP's SMTP servers. (This is for example the case here in belgium with skynet - we have to use relay.skynet.be as SMTP server).
    So these need to be listed too in the allowed servers. I'm not 100% sure of this but it seems logical to me. Can someone confirm this?

    i hope this helps a bit,

    Alex
     
  14. Traged1

    Traged1 Guest

    0
     
    You should setup a secondary mail server service on port 587 if your ISP does not allow port 25. You can find the setup for this in this forum. That way you never have to relay any emails to the server, just use your domain's email server.
     
  15. Pagemakers

    Pagemakers Silver Pleskian

    31
    80%
    Joined:
    Dec 19, 2007
    Messages:
    664
    Likes Received:
    7
    Is there a log file anywhere on the server for all emails that get dropped by the "enable SPF spam protection option"?
     
  16. teknovision

    teknovision Guest

    0
     
    Hi all!

    Thanks for your patience on this SPF stuff!!

    Am I right in saying that at a domain level i.e. as opposed to server level DNS within Plesk, the entry is as follows?

    Record Type: TXT (from dropdown)
    Enter domain name: (Left blank)
    Enter TXT record: (text/string from MS or SPF wizard)

    Furthermore, what do I have to enter for server level SPF, would really appreciate template as above?

    Once again thanks for responses, quality post!!

    .//philippe
     
  17. admin InUnison

    admin InUnison Guest

    0
     
    I'm no GEEK, but I have to say this. I see it in posts everywhere and it is extremely frustrating.
    Why is it people never answer anyone’s questions? You post a link to a site that explains it. Perhaps the issue is that these people have gone there and don't understand it. All the reading in the world is not going to explain it in lemans terms.

    I have read and read and read about SPF, and I just don't get it. Which, I’m sure other people have done as well. There are sooooo many things that are just NOT the same for everyone. PLESK, is not just a single server hosting a single website, you could be hosting hundreds on one IP address. So, when you go to openspf.org and use their great little wizard (which doesn't explain itself all that well) and you have 200 websites sharing the same server do you have to include them all? That’s just one example.

    Someone putting out a real world example would be a whole lot better. A good example educates a whole lot better than pages of unintelligible reading.
     
  18. NigelC

    NigelC Guest

    0
     
    Hi,
    I too have had a bit of a battle with this functionality as one of our large retail ISPs refuses to allow mail to be sent unless through their mail server and several of our customer's mail servers are not accepting emails, reporting SPF errors.

    After looking at openspf.org, and becoming more confused by their 'configurator', I found this on the 'SPF Record Syntax' page "v=spf1 +all" The domain owner thinks that SPF is useless and/or doesn't care....
    which seems to be working, while I work out EXACTLY what I need(and how to configure it)...not exactly the best as I believe it effectively disables SPF by allowing all?, but gives me time to work out what is going on.

    My webhost had also advised that SPF records can take 24hours to propogate(not sure if this is true?) which makes testing a long, tedious process.

    The microsoft 'configurator' seems to be much easier to use and I have managed to quickly 'whip up' a new configuration to try rather easily.

    Best Regards,
    scribbly.
     
  19. Sven L.

    Sven L. Regular Pleskian

    18
     
    Joined:
    Dec 13, 2011
    Messages:
    235
    Likes Received:
    1
    agreed. if i come here seeking help it's because the help i found in "google" didn't help me enough or i didn't understand it and i seek for further explanation.

    here's my situation:

    i want to improve my servers spam protection and i need to know what would be appropiate values for these PLESK options:

    - SPF local rules
    - SPF guess rules
    - SPF explanation text

    an example and short explanation what each thing actually means would be most welcome.

    and please don't point me elsewhere, because:

    1) plesk interface help only displays a real short and useless help

    2) info at openspf.org or the microsoft wizard is useless, as it shows me which SPF TXT DNS entries i need. that is NOT what i am asking for and i already have my SPF TXT DNS entries properly configured.

    thx


    PS: i know this is thread-necro. but this thread popped up when searching for help and the options are the same now on 11.5 than they were on 9.5.4
     
    Last edited: Aug 28, 2013
Loading...