Wednesday, December 7, 2011

SPF SOFTFAIL vs FAIL

When you are configuring SPF records in DNS servers you have to clearly define the mail server policy to prevent unauthorized users sending mails to using your domain. Following is the SOFTFAIL vs FAIL comparison on SPF records.

~all ==> Defines the SOFTFAIL
-all ==> defines the FAIL

SOFTFAIL will mark e-mails as spam and forward to the sender while "FAIL" will drop the mail at the mail-server itself in case you are sending unauthorized mail server.

When you start configuring SPF records its good to start with SOFTFAIL once you identified and optimized mail servers you better go with SPF "FAIL".

As a good practice its better to configure both TXT and SPF records.

6 comments:

  1. otitkljgko98o879

    ReplyDelete
  2. uikrfvr6t778o78o78o7orfo68o

    ReplyDelete
  3. Incorrect. Fail and SoftFail messages will be acted on based on the recipient servers SPF evaluation configuration. Generally this means fails will be dropped and softfails will be tagged since this is the generally accepted practice but not necessarily.

    ReplyDelete