Sent mails compliant with Sender Policy Framework

Discussion in 'Feature Requests' started by David, Oct 12, 2016.

  1. David

    David Administrator
    Staff Member

    Joined:
    Dec 1, 2015
    Messages:
    784
    Likes Received:
    31
    Lots of MX domains has implemented Sender Policy Framework (SPF). SPF is a simple email validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain is being sent from a host authorized by that domain's administrators. The list of authorized sending hosts for a domain is published in the Domain Name System (DNS) records for that domain in the form of a specially formatted TXT record. Email spam and phishing often use forged sender addresses, so publishing and checking SPF records can be considered anti-spam techniques.

    Sender Policy Framework is defined in IETF publication RFC 7208

    Liquid Files is not compliant with SPF. For example : If an external user send a secure message to internal user. He will reveive back a confirmation e-mail sent from liquidfiles with his own address as sender. Liquid Files system spoof his domain name.

    E-mails sent from liquid files to external users should be ONLY sent with internal users e-mail or admin e-mail.
     
  2. David

    David Administrator
    Staff Member

    Joined:
    Dec 1, 2015
    Messages:
    784
    Likes Received:
    31
    [​IMG]
    Kurt D February 03, 2016 16:28
    Yes, this is ridiculous. It should come from the global address with his address in the reply-to.
     

Share This Page