From da4bf5d3d653a4fdb809156c328bcd274c6db28b Mon Sep 17 00:00:00 2001
From: Ingo Ebel <ebeli@hdm-stuttgart.de>
Date: Mon, 18 Jan 2016 08:55:57 +0100
Subject: [PATCH] spf part
---
Doc/Sdi/mail.xml | 33 ++++++++++++++++++++++++++++++---
1 file changed, 30 insertions(+), 3 deletions(-)
diff --git a/Doc/Sdi/mail.xml b/Doc/Sdi/mail.xml
index 0f534879f..d67107913 100644
--- a/Doc/Sdi/mail.xml
+++ b/Doc/Sdi/mail.xml
@@ -414,9 +414,36 @@
<section xml:id="sdiSectSpf">
<title><acronym>SPF</acronym> (optional)</title>
- <para>more Spam prevention techniques like <acronym>DMARC</acronym>,
- <acronym>DKIM</acronym>, <acronym>DANE</acronym>, Postscreen and other
- Policy Deamons.</para>
+ <para>Where are plenty of Spam prevention techniques like
+ <acronym>DMARC</acronym>, <acronym>DKIM</acronym>,
+ <acronym>DANE</acronym>, Postscreen and other Policy Deamons (e.g.
+ <link xlink:href="???">policyd-weight</link>). Good Providers use most
+ of them. We can't test all of them in SDI. They help to detect spam
+ but not scam. So if Spammers use meine-dt-bank.de to obtain your
+ PIN/TAN by a scam this mails could also use SPF or DKIM for there
+ domain. So this techniques won't help there. The user is still
+ responsible to detect such scams.</para>
+
+ <para/>
+
+ <itemizedlist>
+ <listitem>
+ <para>Add a SPF (Sender Policy Framework) Record to match mx and a
+ to your DNS for your fantasy domain</para>
+ </listitem>
+
+ <listitem>
+ <para>its a little bit hard to test this. if you want you could
+ try to configure amavis to test for spf and set it to debug so
+ that in the mail.log you'll see what amavis does</para>
+ </listitem>
+
+ <listitem>
+ <para>then send a mail from a mailadresse from your fantasy domain
+ to an emailadresse on your server. your mailserver must use your
+ own dns</para>
+ </listitem>
+ </itemizedlist>
</section>
</section>
</section>
--
GitLab