Crate: decon_spf 0.2.4: Work with Sender Policy Framework records.

crate.io | repo

A crate for deconstructing and constructing Spf (Sender Policy Framework) records.

This is the latest release.

Features:

  • warn-dns
  • strict-dns (using the addr crate)
    • With this feature enabled a syntactically invalid dns host will return an error.
πŸ‘︎ 3
πŸ’¬︎
πŸ‘€︎ u/bas-man-tko
πŸ“…︎ Jan 21 2022
🚨︎ report
What is SPF (Sender Policy Framework) and Why it's Important? youtube.com/watch?v=xjqmh…
πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/h-educate
πŸ“…︎ Mar 22 2021
🚨︎ report
Can Sender Policy Framework β€œSPF” be bypassed?

Hey there

I’ll get straight to the point.

We have SPF applied and according to many online spoofing checkers tools it say that spoofing is not possible for our domain.

HOWEVER, our email keep getting spoofed, many people keep getting emails from our domain, emails that does not exist in our mail server and has never been created.

Keep in mind that we have about 100 email account for our employees, so its easy to keep track of each email and its owner.

So is it possible to bypass SPF and send a spoofed email?

Thanks in advance

πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/iWeeez
πŸ“…︎ May 03 2020
🚨︎ report
[G+ @ 2018-06-30 17:22:36+0100] Offensive SPF: How to Automate Anti-Phishing Reconnaissance Using Sender Policy Framework - Black Hills Information Security blackhillsinfosec.com/off…
πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/tmiklas
πŸ“…︎ Mar 16 2019
🚨︎ report
Two questions about Sender Policy Framework

Hi guys. I've been researching SPF over the last week and there are a couple of things I have not been able to determine.

  1. If I add an SPF record to our DNS, will I be able to see which emails have been blocked?
  2. What happens to the email if it is blocked? Will the sender of the email get a non-delivery error message or does the email just disappear?

Thanks for your help.

πŸ‘︎ 9
πŸ’¬︎
πŸ‘€︎ u/roxcursed
πŸ“…︎ Jun 02 2015
🚨︎ report
UK government email and IT - sender policy framework

I have just written this letter to a peer I saw was interested in technology issues - he's the chair of the Lords Information Committee which oversees IT in Parliament. Does anyone have any suggestions on who else to send it to - or comments on the letter itself?

Dear Lord Kirkwood,

The Government are currently doing nothing technologically to prevent email spammers impersonating official Government email addresses, or employees. At the moment, it is possible for anyone to send an email which, for those not technically-inclined, looks like a UK government email address. Interestingly, Parliament does use this!

However, there is a technology called "Sender Policy Framework" (SPF) which works by a simple process. It is a completely free system which utilises existing technologies the Government already uses.

The email protocol (called SMTP) permits any computer to send email claiming to be from any email address. This is exploited by spammers who often use forged email addresses, making it more difficult to trace a message back to its sender, and easy for spammers to hide their identity in order to avoid responsibility. I believe that the ability for anyone to forge sender addresses is a security flaw in modern SMTP.

SPF allows the owner of an Internet domain to specify which computers are authorized to send mail with sender addresses in that domain.

Receivers verifying the SPF records may reject messages from unauthorized sources before receiving the body of the message.

A government employee sending an email would send it from an authorised computer, while a spammer pretending to be a government employee would not have access to an authorised computer. This receivers which utilise this technology, which include Gmail and many other large online email providers, would be able to delete the email knowing with 100% confidence it was fraudulent.

I put in a Freedom of Information request to the Cabinet Office and was surprised they had not even discussed implementing this technology. --> http://www.whatdotheyknow.com/request/sender_policy_framework

More information on SPF is available on Wikipedia: --> http://en.wikipedia.org/wiki/Sender_policy_framework

I would be very happy to work with you further on this, perhaps drafting letters or parliamentary questions.

I believe implementing this technology would be valuable both to the Government, in knowing that any email sent out was verifiable as being from a government employee, and to people ac

... keep reading on reddit ➑

πŸ‘︎ 7
πŸ’¬︎
πŸ‘€︎ u/chrisjenkinson
πŸ“…︎ Aug 02 2012
🚨︎ report
Sender Policy Framework / Sender ID

I have to give a presentation on SPF records on Friday and would love anyone to just dumb it down for me. I just basically need to dumb it down for my audience but I have worked with it very little. Any analogies or simplified explanations of the process from sending mail server to receiving mail server and what exactly goes down would be great. I'm a junior network admin and just have limited experience with DNS across the web if anyone wants to just tackle that and relate SPF to MX records. I'm especially interested now with all the SOPA stuff going down. Thanks guys.

πŸ‘︎ 6
πŸ’¬︎
πŸ‘€︎ u/hayekspectations
πŸ“…︎ Dec 22 2011
🚨︎ report
Not sure if this is the right place - Rejecting for Sender Policy Framework?

Hello All,

We're currently in the process of migrating to office 365, and our migration is scheduled for Friday at 5pm. Yesterday, I had some users starting to get delivery failures when sending to some external email addresses. For the most part, everything is working fine. The messages vary slightly, but the one today that 2 users could not send to came back with a rejection of "Rejecting for Sender Policy Framework". I get the same error. I've googled the error, but I can't really find what would have caused this error. We've been in the migration process for weeks, but haven't made any changes for at least a week. Has anybody seen this error before? I'm not sure if its the right place, as I don't think its an exchange specific issue, but I figured i'd start here.

πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/mcp614
πŸ“…︎ Jun 03 2015
🚨︎ report
Implementing Sender Policy Framework (SPF), best practices and things to watch out for?

I am planning to implement Sender Policy Framework (SPF) in our environment, I do not have any experience in this area and was hoping for some advice from the folks in r/sysadmin on what the best method is and what the look out for (gotchas).

I was thinking to use the below Microsoft wizard for creating the SPF record (Is there a better wizard to be using?):

http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

Should I only be including my MTA's for creating the record or also my internal Hub transport Exchange servers (I am thinking only my MTA's)?

After creating the record we will publish it on our authoritative external DNS server. Is it as simple as that or are any pitfalls to watch out for?

So the above it to lessen the likelihood of someone spoofing mails to send as our domain (provided others have SPF enabled I assume). Now separately our mail gateways have the option to perform SPF checks on inbound mails. It has several different levels on how to handle mails from domains that do not have SPF records (treat as spam and reject, treat as spam and quarantine, etc). Is it generally recommended to enable this?

Thanks and appreciate any advice.

πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/mastersocks
πŸ“…︎ Mar 23 2015
🚨︎ report
UK government email and IT - sender policy framework : ukpolitics reddit.com/r/ukpolitics/c…
πŸ‘︎ 3
πŸ’¬︎
πŸ‘€︎ u/chrisjenkinson
πŸ“…︎ Aug 02 2012
🚨︎ report
WWYD: no cancellation policy, parcel returned to sender

Hi all,

I've been thinking... for those of you who have a no return/no cancellation policy, how do you handle returns ? As in: what do you do if a parcel gets returned to you for whatever reason (i.e. recipient couldn't be reached or refused to accept the parcel, maybe because they didn't want to pay additional fees/customs) ?

Do you cancel the order ? Refund ? Do a partial refund ? No refund at all ?

I'm curious.

πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/Fireball_H
πŸ“…︎ Dec 18 2021
🚨︎ report
Federal Reserve Alert! New York Fed to Release Series on the Federal Reserve’s Monetary Policy Implementation Framework--federal funds rate (EFFR), the interest on reserve balances (IORB) and the overnight reverse repurchase (ON RRP), and discussion on the new backstop facility.

Beginning Monday, January 10, 2022, Federal Reserve Bank of New York staff will release a four-part series on its Liberty Street Economics blog about the Federal Reserve’s monetary policy implementation framework. One post in the series will go live each day between January 10 and January 13 at 7:00am EST.

The purpose of this series is to help explain how the Federal Reserve implements monetary policy today. This series is also a follow up to a speech by the New York Fed’s Lorie Logan, Manager of the System Open Market Account, last fall: Monetary Policy Implementation: Adapting to a New Environment. The blog series aims to clarify:

  • How the Fed’s approach to keeping its key rateβ€”the effective federal funds rate (EFFR)β€”within its target range has changed since the 2008 global financial crisis;
  • The role of the Fed’s key policy implementation toolsβ€”the interest on reserve balances (IORB) and the overnight reverse repurchase (ON RRP) agreement facilityβ€”in supporting the current framework;
  • How and why β€œtechnical adjustments” to the IORB and ON RRP rates are sometimes used to steer the EFFR without changing the Fed’s monetary policy stance; and,
  • How the Fed’s new backstop facility announced last yearβ€”the domestic standing repurchase agreement (repo) facilityβ€”works to support control over the federal funds rate on occasions when money market pressures unexpectedly emerge.

Authors are: Gara Afonso, Lorie Logan, Antoine Martin, William Riordan, and Patricia Zobel.

Press Call on the Monetary Policy Implementation Framework Series:

An educational deep background press call will take place on Thursday, January 13 at 2:30pm EST to provide further context on the series. Journalists interested in participating should RSVP to Betsy Bourassa and Mariah Measey at Betsy.Bourassa@ny.frb.org **a

... keep reading on reddit ➑

πŸ‘︎ 183
πŸ’¬︎
πŸ‘€︎ u/Dismal-Jellyfish
πŸ“…︎ Jan 05 2022
🚨︎ report
Fix California’s cannabis framework; eliminate the cultivation tax | By perpetuating wrong-headed tax policies, California is costing jobs and strengthening an illicit market. calmatters.org/commentary…
πŸ‘︎ 89
πŸ’¬︎
πŸ‘€︎ u/Exastiken
πŸ“…︎ Dec 13 2021
🚨︎ report
policy kid here, I need help with a framework idea:

does anyone have any prioritize the future of humanity framework cards?

πŸ‘︎ 3
πŸ’¬︎
πŸ“…︎ Jan 21 2022
🚨︎ report
Joint Statement of the Government of Canada and the Bank of Canada on the Renewal of the Monetary Policy Framework bankofcanada.ca/2021/12/j…
πŸ‘︎ 38
πŸ’¬︎
πŸ‘€︎ u/MethoxyEthane
πŸ“…︎ Dec 13 2021
🚨︎ report
Joint Statement of the Government of Canada and the Bank of Canada on the Renewal of the Monetary Policy Framework bankofcanada.ca/2021/12/j…
πŸ‘︎ 41
πŸ’¬︎
πŸ‘€︎ u/Defiant_Race_7544
πŸ“…︎ Dec 13 2021
🚨︎ report
β€œWe don’t have any answers within the current framework”: tensions within cannabis policy change in Ireland emerald.com/insight/conte…
πŸ‘︎ 57
πŸ’¬︎
πŸ‘€︎ u/getitgoing21
πŸ“…︎ Dec 14 2021
🚨︎ report
Apple's plan for iOS 15 CSAM scanning to somehow constitute "safe" surveillance is impossible without bulletproof security and an explicit moral framework to guide policy decisions. It has neither. keydiscussions.com/2021/0…
πŸ‘︎ 1k
πŸ’¬︎
πŸ‘€︎ u/MainProfession
πŸ“…︎ Aug 11 2021
🚨︎ report
FBR to Present New Policy Framework Barring Ministries From Proposing Tax Exemptions propakistani.pk/2022/01/1…
πŸ‘︎ 16
πŸ’¬︎
πŸ“…︎ Jan 11 2022
🚨︎ report
The forgotten importance of systems-thinking when it comes to accurately predicting implications in the current economic progressive and populist policy framework.

I will freely admit I am a bit of a policy and detail-orientated wonk. I spend a lot of time actually reading the meat of bills, studies, and analyses.

A lot of progressive and populist policy making envisions a world they want to operate in not necessarily the world we are actually in.

The day when M4A passes into law, we are going to have to shift the incentives in the healthcare industry to focus on outcomes and less on profits.

We are going to have to dramatically expand healthcare facilities and the healthcare worker supply.

Whenever UBI is passed into law, we are going to need to create more domestic production capacity.

If we ever get to GND with nuclear passed into law, we are going to have to dramatically increase investment in high voltage electricity transmission lines.

We need to start building and changing the systems today for the policies of tomorrow. Otherwise the growing pains may cause people to step back from committing to the policies.

Private industry is a large part of the system. We need to start changing the incentives and practices today to be ready for the policies of tomorrow.

πŸ‘︎ 12
πŸ’¬︎
πŸ‘€︎ u/Manoj_Malhotra
πŸ“…︎ Dec 31 2021
🚨︎ report
'If it ain't broke, don't fix it': BoC shouldn't change policy framework, analysts say financialpost.com/news/ec…
πŸ‘︎ 20
πŸ’¬︎
πŸ‘€︎ u/Lotushope
πŸ“…︎ Nov 10 2021
🚨︎ report
Govt to launch National Gender Policy Framework in Jan nation.com.pk/30-Dec-2021…
πŸ‘︎ 11
πŸ’¬︎
πŸ‘€︎ u/greenvox
πŸ“…︎ Dec 30 2021
🚨︎ report
FBR to Present New Policy Framework Barring Ministries From Proposing Tax Exemptions propakistani.pk/2022/01/1…
πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/Nice_filbert
πŸ“…︎ Jan 11 2022
🚨︎ report
🚨 OIP-56: Policy Framework v2 🚨

OIP-56: Policy Framework v2

Snapshot has been posted for voting between now and 2 January.

As Olympus has grown, the technical levers used by the policy team have become more complex, and now include Olympus Pro, the v2 bond contract, v3 liquidity pools and potential cross-chain deployments with some liquidity mining incentives. The new bond contract is particularly important to reflect in the updated framework: because the new contract does not allow changes to certain bond terms once a bond is launched, it is important that the policy team be able to launch and deprecate bonds to maintain the level of agility mandated by the community in OIP-22.

V2 of the Policy Framework seeks to reflect these developments.

Vote here: https://snapshot.org/#/olympusdao.eth/proposal/0x9635ca2a9e439110b76ae009ff2622869d6aa293242e6b0c660e741c0e545caf

Context: https://forum.olympusdao.finance/d/622-oip-56-olympusdao-policy-framework-v2

πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/GH0ST_08
πŸ“…︎ Dec 29 2021
🚨︎ report
ICC: Notice of Filing of Proposed Rule Change Relating to the ICC Governance Playbook, ICC Risk Management Framework, and ICC Treasury Operations Policies and Procedures (Release No. 34-92402; File No. SR-ICC-2021-015). Not sure if this means anything? sec.gov/rules/sro/icc/202…
πŸ‘︎ 1k
πŸ’¬︎
πŸ‘€︎ u/Dismal-Jellyfish
πŸ“…︎ Jul 14 2021
🚨︎ report
KIP-3 Introduce Policy Framework and Reward Rate Reduction snapshot.org/#/klimadao.e…
πŸ‘︎ 7
πŸ’¬︎
πŸ‘€︎ u/ChazSchmidt
πŸ“…︎ Nov 22 2021
🚨︎ report
China to commit 1.5b yuan to biodiversity fund, put in place a β€˜1 N’ policy framework for carbon neutrality: Xi - Left Review Online leftreviewonline.com/engl…
πŸ‘︎ 80
πŸ’¬︎
πŸ‘€︎ u/LeftReviewOnline
πŸ“…︎ Oct 13 2021
🚨︎ report

Please note that this site uses cookies to personalise content and adverts, to provide social media features, and to analyse web traffic. Click here for more information.