by pracer 1623 days ago
I would add that SPF alone may not be enough, and that's why some of the other mechanisms are needed. AFAIK if you have a softfail SPF (a record ending in `~`), you would need DMARC or DKIM. But SPF is always needed in order to specify the domains/IPs that are allowed. The other two mechanisms are used for making it stronger and reducing potential phishing attacks. In particular, a softfail SPF may be fixed by using a "rejected" or "quarantine" DMARC policy.

But this is from the RFC document, so it may be that in practical cases things are more nuanced.
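
The interaction discussed above, as an added example that is not part of the original comment: how a receiver combines the SPF result for an unlisted sender with the domain's DMARC policy, following the evaluation rules in RFC 7208 and RFC 7489. The `example.com` records are constructed samples and the function names are hypothetical; the SPF `redirect=` modifier and the DMARC `sp=`/`pct=` tags are not handled.

```python
# Added example. Records are constructed samples; function names are hypothetical.
SPF_QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

SPF_RECORD = "v=spf1 include:_spf.example.com ~all"
DMARC_RECORD = "v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com"

def spf_all_result(spf_record):
    """Result the record's `all` mechanism assigns to senders not listed earlier."""
    terms = spf_record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    for term in terms[1:]:
        # A mechanism without an explicit qualifier defaults to "+" (pass).
        qualifier, mech = (term[0], term[1:]) if term[0] in SPF_QUALIFIERS else ("+", term)
        if mech.lower() == "all":
            return SPF_QUALIFIERS[qualifier]
    return "neutral"  # RFC 7208: nothing matched and no redirect

def dmarc_policy(dmarc_record):
    """Extract the p= tag from a DMARC record (tag=value pairs separated by ';')."""
    tags = {}
    for part in dmarc_record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a usable DMARC record")
    return tags["p"].lower()

def disposition(spf_result, spf_aligned, dkim_result, dkim_aligned, policy):
    """DMARC passes only on an aligned SPF pass or an aligned DKIM pass.

    Otherwise the domain's requested policy (none/quarantine/reject) applies.
    """
    if (spf_result == "pass" and spf_aligned) or (dkim_result == "pass" and dkim_aligned):
        return "pass"
    return policy

if __name__ == "__main__":
    spf = spf_all_result(SPF_RECORD)   # unlisted sender hits ~all
    policy = dmarc_policy(DMARC_RECORD)
    # Unlisted sender, no DKIM signature: softfail is not a pass, so p= applies.
    print(spf, policy, disposition(spf, True, "none", False, policy))
    # Same SPF softfail, but a valid aligned DKIM signature: DMARC passes.
    print(disposition(spf, True, "pass", True, policy))
```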