|
FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc. |
|
Thread Tools |
5 Aug 2017, 05:31 AM | #1 |
Master of the @
Join Date: May 2003
Posts: 1,320
|
spam issue (outgoing)
Email is being sent with links (presumably phishing) pretending to be from my email address.
My email is at FM (a none-FM domain). Can the SPF setting be changed so that any email purporting to me if not sent through FM is rejected by recipient email providers? Thanks. |
5 Aug 2017, 07:04 AM | #2 |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,722
|
I think this is a pretty good explanation of what is probably happening: http://domainhelp.com/email/somebody...in-name-in-it/
|
5 Aug 2017, 09:57 AM | #3 | |
The "e" in e-mail
Join Date: May 2003
Location: mostly in Thailand
Posts: 3,090
|
Quote:
The specific process you need to follow to set up SPF and DMARC for your domain depends on where the DNS for your domain is managed. |
|
6 Aug 2017, 03:26 PM | #4 |
Intergalactic Postmaster
Join Date: May 2004
Location: Irving, Texas
Posts: 8,926
|
As BritTim said, if you have control over the domain you can change the SPF and DMARC settings to anything you like, but different email providers will interpret or ignore those settings in various ways.
|
7 Aug 2017, 06:32 AM | #5 |
Master of the @
Join Date: May 2003
Posts: 1,320
|
I think
v=spf1 include:spf.messagingengine.com -all is the solution Really this should be the FM default |
7 Aug 2017, 09:05 AM | #6 | |
Intergalactic Postmaster
Join Date: May 2004
Location: Irving, Texas
Posts: 8,926
|
SPF and DMARC
Quote:
That's what I have done for my domain. But if that was the Fastmail default, persons setting up new DNS hosting at Fastmail would find they could no longer send from other SMTP servers as they might have done before. And anyone you send to who forwards their email to another account for reading might not receive any of your messages (unless you set up DMARC for your domain), since SPF normally breaks email forwarding and only DMARC DKIM can be used on forwarded email. So Fastmail requires you to disable the default SPF record contents and add your own custom SPF record so you don't accidentally block messages you send. The default SPF record for your domain is set to: Code:
v=spf1 include:spf.messagingengine.com ?all which currently expands to: v=spf1 ip4:66.111.4.0/24 ip4:107.150.24.0/24 ?all
Bill |
|
7 Aug 2017, 07:32 PM | #7 | |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,944
|
Quote:
I wonder how to square the long procedure described by Bill with the stock advice frequently given here: "get your own domain and your email will be working smoothly forever after" |
|
7 Aug 2017, 07:45 PM | #8 | |
The "e" in e-mail
Join Date: May 2003
Location: mostly in Thailand
Posts: 3,090
|
Quote:
|
|
8 Aug 2017, 02:38 AM | #9 |
The "e" in e-mail
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,616
|
Just looking at the DMARC record for fastmail.com:
v=DMARC1; p=none; fo=1; rua=mailto:etc And noticed the additional "fo=1", which is Forensic reporting. And I'm wondering if anyone here on the forum uses this option? From my (admittedly not very good) knowledge of DMARC, this record seems to let e-mails pass but generates a report? |
8 Aug 2017, 11:31 AM | #10 | |
Intergalactic Postmaster
Join Date: May 2004
Location: Irving, Texas
Posts: 8,926
|
Quote:
Bill |
|
10 Aug 2017, 09:30 PM | #11 |
Essential Contributor
Join Date: Jan 2017
Posts: 278
|
|
11 Aug 2017, 12:14 AM | #12 | |
Essential Contributor
Join Date: Apr 2008
Posts: 371
|
Quote:
If you ONLY ever send e-mail from your e-mail address through FastMail's servers (either the web interface, or using smtp.fastmail.com from your mail client), then there's absolutely no harm in using "-all" ... the danger is that many users don't fully understand these things, and may have mail clients configured to send through their ISP's SMTP servers, or sometimes even corporate servers depending on firewall issues. Further, if you have third-party services that send out e-mails on your behalf these need to be included in the SPF record as well. For example, I send out invoices from Freshbooks from my e-mail address, so I've had to include Freshbooks' SPF records in my own as well, using a second "include" directive. |
|