Author

Topic: Why doesn't bitcointalk have an SPF or DKIM? (Read 183 times)

jr. member
Activity: 76
Merit: 1
Going by the acronyms of the following email protocol SPF, DKIM and DMARC, the three are difficult to configure and require careful study to understand how they inter-relate and complement each other with their protective features. The effort, however, is worth the investment in learning how to use them. I think that may be the very reason why the forum didn't implement them because is not every user of the forum will be able to use it.
legendary
Activity: 2730
Merit: 7065
It means you can more accurately trust messages as coming from bitcointalk.
Meaning, you don't need to be afraid of phishing, if SPF or DKIM comes through, you know the message is genuine.
It might not be that important because the forum rarely sends notifications to users via email. There is an option in the settings under Notifications and Email, "Receive forum announcements and important notifications by email". That is ticked in the user's profile by default but I don't remember ever receiving any notifications.
You can opt in to receive email notifications for threads that you follow, but the old rule of not clicking on links in emails should still be respected even if those mails are from Bitcointalk.    

On an unrelated note, I am always glad to see something written in Swedish, even though it's just a screenshot. Smiley
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
ETFbitcoin:
It means you can more accurately trust messages as coming from bitcointalk.
Meaning, you don't need to be afraid of phishing, if SPF or DKIM comes through, you know the message is genuine.

I see, i know it's roughly about authentication, but didn't know about the implication.

However, some mail client doesn't show whether the mail has SPF/DKIM and you need to see the header to know whether it's exist or not. Additionally, most users usually rely on spam filter and human-friendly warning message shown by mail client (e.g. "This message seems dangerous" on GMail).

Yes, but GMail (and others) use SPF / DKIM / DMARC to determine spam weight when using other factors.
Even on my own server I check several blacklists but still run DKIM and other tests to give me a number 0-10 good 11-20 marginal 21-30 probably spam 30+ deleted without even being seen.
So it's more data-points of checking to see if an email good or bad.

-Dave
full member
Activity: 129
Merit: 119
ETFbitcoin:
It means you can more accurately trust messages as coming from bitcointalk.
Meaning, you don't need to be afraid of phishing, if SPF or DKIM comes through, you know the message is genuine.
hero member
Activity: 2254
Merit: 537
My passive income eBook @ tinyurl.com/PIA10
A friendly reminder, you might want to censor your email in the image. Spam harvesters are everywhere.
full member
Activity: 129
Merit: 119
Why doesn't bitcointalk have an SPF or DKIM?




Theres no TXT records at all for omail.bitcointalk.org (mail is sent from [email protected]):

root@sebastian-desktop:/var/www# dig TXT omail.bitcointalk.org

; <<>> DiG 9.16.1-Ubuntu <<>> TXT omail.bitcointalk.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35392
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;omail.bitcointalk.org.         IN      TXT

;; AUTHORITY SECTION:
bitcointalk.org.        3600    IN      SOA     amy.ns.cloudflare.com. dns.cloudflare.com. 2036516717 10000 2400 604800 3600

;; Query time: 35 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: ons apr 28 06:35:06 CEST 2021
;; MSG SIZE  rcvd: 111

root@sebastian-desktop:/var/www#


The main domain (bitcointalk.org) do have a SPF, but for it to be applied to omail, it has to be copied over to omail.bitcointalk.org, OR have a wildcard (*.bitcointalk.org IN TXT 300 "v=spf1 ip4:52.45.214.107 include:spf.messagingengine.com include:amazonses.com -all")
Jump to: