by buro9 3739 days ago
I actually had the same problem and was dealing with it this weekend.

@dang helpfully pointed out an email to him had ended in the spam box, and a bit of investigation later revealed that some Vietnamese and Indian spammers had been sending email as me, to the tune of a few thousand emails per day.

I already had SPF in place, but I've since added DKIM and a strict reject policy via DMARC.

Additionally I added https://dmarcian-eu.com/ (or https://dmarcian.com/ if you're outside the EU), and this allows the DMARC reports to be sent directly there where they can be analysed and reported on.

My buro9.com records now look like:

  ;; TXT Records
  buro9.com.	300	IN	TXT	"v=spf1 include:_spf.google.com include:spf.mailjet.com -all"
  _dmarc.buro9.com.	300	IN	TXT	"v=DMARC1\; p=reject\; sp=reject\; adkim=s\; aspf=s\; rua=mailto:z3qirov9@ag.dmarcian-eu.com\; ruf=mailto:z3qirov9@fr.dmarcian-eu.com\; rf=afrf\; pct=100\; ri=86400"
  mailjet._domainkey.buro9.com.	300	IN	TXT	"k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCzruNqjSTPtVVkkxRUG8H0EXToKtfuccUJNx8ElnhtgtWu30P3YIAd1nwFSfQEzwLn8BycK/S9I0/F+9p5fLpE6maxZxLadVq8cnWYROIWrjZnEJ549xQjX5/TB0uOiKYTVy8q17ZMEoJbpihm/vIKzqibl2cCPTHEDk12AV9kCwIDAQAB"
  buro9._domainkey.buro9.com.	300	IN	TXT	"v=DKIM1\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0I0/RqPxshGephScWuBUE56L6ro4bS8FWuW3BWx93jLCpaOzY0iTAWGz58nvCSuG081ePqtnATyqcQdKxOaAYIyFyGm5fr6W4FVMAWyOP3OQ889vLFmpIPEaI/GpvBezwUdBvlxd+2xrKckXwUqhFRrG6bP4NyGDZxoSQF55DiQIDAQAB"

Note I've gone strict on SPF (against Google's recommendation), my DMARC is sending aggregate reports and forensics to Dmarcian, and I have DKIM keys for both Google (I'm on Google Apps) as well as Mailjet (I have a mailing list of 37k people and that needs to work too).

So far this appears to be having the desired effect, and I don't yet know of any deliverability issues from my email. Looks like this combination works well.

On domains I send no email from, i.e. buro9.co.uk:

  ;; TXT Records
  buro9.co.uk.	300	IN	TXT	"v=spf1 -all"
  _dmarc.buro9.co.uk.	300	IN	TXT	"v=DMARC1\; p=reject\; rua=mailto:z3qirov9@ag.dmarcian-eu.com\;"

An SPF that signals everything fails, and a reporting endpoint to find out if people are still trying to send spam as me.
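
An added example, not part of buro9's comment: a small Python audit that parses SPF and DMARC TXT records in the zone-file form shown above, fills in the defaults a receiver applies for unset tags, and lists anything short of hard-fail SPF plus a full reject policy. The function names and the weak record pair are constructed for illustration.

```python
import re

# Records copied from the comment above, in zone-file form (';' escaped as '\;').
COM_SPF = "v=spf1 include:_spf.google.com include:spf.mailjet.com -all"
COM_DMARC = r"v=DMARC1\; p=reject\; sp=reject\; adkim=s\; aspf=s\; rua=mailto:z3qirov9@ag.dmarcian-eu.com\; ruf=mailto:z3qirov9@fr.dmarcian-eu.com\; rf=afrf\; pct=100\; ri=86400"
UK_SPF = "v=spf1 -all"
UK_DMARC = r"v=DMARC1\; p=reject\; rua=mailto:z3qirov9@ag.dmarcian-eu.com\;"
# Constructed weak pair for contrast (not from the page).
WEAK_SPF = "v=spf1 include:_spf.example.net ~all"
WEAK_DMARC = "v=DMARC1; p=none; pct=50"

def parse_tags(txt):
    """Split a DMARC tag-list ('tag=value; ...') into a dict."""
    tags = {}
    for part in txt.replace("\\;", ";").split(";"):  # undo zone-file escaping
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def effective_dmarc(txt):
    """Policy as a receiver applies it, with unset tags defaulted; None if not DMARC."""
    t = parse_tags(txt)
    if t.get("v") != "DMARC1":
        return None
    p = t.get("p", "none").lower()  # assumption: a missing p is treated as none
    return {"p": p, "sp": t.get("sp", p).lower(),  # sp inherits p when absent
            "adkim": t.get("adkim", "r").lower(), "aspf": t.get("aspf", "r").lower(),
            "pct": int(t.get("pct", "100")), "rua": t.get("rua", "")}

def spf_all_qualifier(txt):
    """Qualifier on the SPF 'all' mechanism ('+' if bare), or None if absent."""
    m = re.search(r"(?:^|\s)([+\-~?]?)all(?:\s|$)", txt.lower())
    if txt.lower().split()[:1] != ["v=spf1"] or not m:
        return None
    return m.group(1) or "+"

def audit(spf_txt, dmarc_txt):
    """List the ways a domain's records fall short of full enforcement."""
    d = effective_dmarc(dmarc_txt)
    if d is None:
        return ["DMARC: no valid v=DMARC1 record"]
    checks = [(spf_all_qualifier(spf_txt) == "-", "SPF: no hard fail (-all)"),
              (d["p"] == "reject", f"DMARC: p={d['p']}, failing mail is not rejected"),
              (d["sp"] == "reject", f"DMARC: sp={d['sp']} for subdomains"),
              (d["pct"] == 100, f"DMARC: pct={d['pct']}, policy applies to a sample only"),
              (bool(d["rua"]), "DMARC: no rua, so no aggregate reports")]
    return [msg for ok, msg in checks if not ok]
```

Both record sets from the comment audit clean; the shorter buro9.co.uk record still resolves to `sp=reject` through inheritance, with alignment left at the relaxed default.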