Looking for a Microsoft person who can help w/ v6 and Office365 email

Bill Owens owens.bill at gmail.com
Wed Apr 22 18:06:56 CEST 2015

On Wed, Apr 22, 2015 at 11:40 AM, Frank Bulk <frnkblk at iname.com> wrote:
> Glad to hear that Microsoft did this on their O365 platform.
> Is there an RFC or other standard that we can point other email providers
to about implementing email admission in this manner?

guidelines, for whatever level of 'standard' that is:


They do a little handwaving around how to handle SPF records: "MAAWG
therefore recommends moving toward rejecting email that does not contain a
valid DKIM
signature or that does not pass SPF checks..."

I am not an expert on SPF, though I've learned quite a bit while
troubleshooting this
and I think something between the Google standard of only allowing SPF to
influence spam scores and the Microsoft no-soup-for-you mode is probably
appropriate. If I were to sketch out a policy for my own server, it might
look like this:

   missing or invalid SPF record -> increased spam score, moving to soft
fail or greylisting over time as fewer domains lack SPF
   failed SPF check -> follow the SPF record (+?~-)

I'd also only check on the true ingress, when the email enters my domain
(not too hard since I only have one mail server). With a lot of logging to
detect issues without relying on the users to report bounces (admittedly
very hard on a big server, but Google at least may be doing some of that)
and a whitelist mechanism for domains like debian.org that use v6 mail but
refuse to add an SPF record.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20150422/1c86e32c/attachment.html 

More information about the ipv6-ops mailing list