Topic: Why doesn't bitcointalk have an SPF or DKIM? (Read 178 times)
Going by the acronyms of the following email protocol SPF, DKIM and DMARC, the three are difficult to configure and require careful study to understand how they inter-relate and complement each other with their protective features. The effort, however, is worth the investment in learning how to use them. I think that may be the very reason why the forum didn't implement them because is not every user of the forum will be able to use it.
It means you can more accurately trust messages as coming from bitcointalk.
Meaning, you don't need to be afraid of phishing, if SPF or DKIM comes through, you know the message is genuine.
It might not be that important because the forum rarely sends notifications to users via email. There is an option in the settings under Notifications and Email, "Receive forum announcements and important notifications by email". That is ticked in the user's profile by default but I don't remember ever receiving any notifications. Meaning, you don't need to be afraid of phishing, if SPF or DKIM comes through, you know the message is genuine.
You can opt in to receive email notifications for threads that you follow, but the old rule of not clicking on links in emails should still be respected even if those mails are from Bitcointalk.
On an unrelated note, I am always glad to see something written in Swedish, even though it's just a screenshot.
ETFbitcoin:
It means you can more accurately trust messages as coming from bitcointalk.
Meaning, you don't need to be afraid of phishing, if SPF or DKIM comes through, you know the message is genuine.
It means you can more accurately trust messages as coming from bitcointalk.
Meaning, you don't need to be afraid of phishing, if SPF or DKIM comes through, you know the message is genuine.
I see, i know it's roughly about authentication, but didn't know about the implication.
However, some mail client doesn't show whether the mail has SPF/DKIM and you need to see the header to know whether it's exist or not. Additionally, most users usually rely on spam filter and human-friendly warning message shown by mail client (e.g. "This message seems dangerous" on GMail).
Yes, but GMail (and others) use SPF / DKIM / DMARC to determine spam weight when using other factors.
Even on my own server I check several blacklists but still run DKIM and other tests to give me a number 0-10 good 11-20 marginal 21-30 probably spam 30+ deleted without even being seen.
So it's more data-points of checking to see if an email good or bad.
-Dave
ETFbitcoin:
It means you can more accurately trust messages as coming from bitcointalk.
Meaning, you don't need to be afraid of phishing, if SPF or DKIM comes through, you know the message is genuine.
It means you can more accurately trust messages as coming from bitcointalk.
Meaning, you don't need to be afraid of phishing, if SPF or DKIM comes through, you know the message is genuine.
A friendly reminder, you might want to censor your email in the image. Spam harvesters are everywhere.
Why doesn't bitcointalk have an SPF or DKIM?
Theres no TXT records at all for omail.bitcointalk.org (mail is sent from [email protected]):
root@sebastian-desktop:/var/www# dig TXT omail.bitcointalk.org
; <<>> DiG 9.16.1-Ubuntu <<>> TXT omail.bitcointalk.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35392
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;omail.bitcointalk.org. IN TXT
;; AUTHORITY SECTION:
bitcointalk.org. 3600 IN SOA amy.ns.cloudflare.com. dns.cloudflare.com. 2036516717 10000 2400 604800 3600
;; Query time: 35 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: ons apr 28 06:35:06 CEST 2021
;; MSG SIZE rcvd: 111
root@sebastian-desktop:/var/www#
The main domain (bitcointalk.org) do have a SPF, but for it to be applied to omail, it has to be copied over to omail.bitcointalk.org, OR have a wildcard (*.bitcointalk.org IN TXT 300 "v=spf1 ip4:52.45.214.107 include:spf.messagingengine.com include:amazonses.com -all")
Theres no TXT records at all for omail.bitcointalk.org (mail is sent from [email protected]):
root@sebastian-desktop:/var/www# dig TXT omail.bitcointalk.org
; <<>> DiG 9.16.1-Ubuntu <<>> TXT omail.bitcointalk.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35392
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;omail.bitcointalk.org. IN TXT
;; AUTHORITY SECTION:
bitcointalk.org. 3600 IN SOA amy.ns.cloudflare.com. dns.cloudflare.com. 2036516717 10000 2400 604800 3600
;; Query time: 35 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: ons apr 28 06:35:06 CEST 2021
;; MSG SIZE rcvd: 111
root@sebastian-desktop:/var/www#
The main domain (bitcointalk.org) do have a SPF, but for it to be applied to omail, it has to be copied over to omail.bitcointalk.org, OR have a wildcard (*.bitcointalk.org IN TXT 300 "v=spf1 ip4:52.45.214.107 include:spf.messagingengine.com include:amazonses.com -all")
Jump to: