SPF Record?

After suffering a compromised account due to a phishing email i wanted to look at better protection against this.
In this scenario a malicious sender was able spoof our domain as Sender.

We use a ProofPoint email gateway appliance and i posed the question to them and they responded suggesting a SPF Record on our public dns information.

While I am trying to get an understanding of how that works, i would like to understand the potential Impact of such a change.
Obviously if the SPF record is wrong or there are additional IP's we need to list then mail may fail to be delivered.

But do you think there may be any mail delivery delays with an SPF record?
jman0 warAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

systechadminConsultantCommented:
there wont be delays is Mail delivery having SPF records. SPF records are  required.  Refer

http://www.openspf.org/FAQ/How_does_it_work
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
172pilotCommented:
I second the recommendation for reading that link..  One thing I'll throw in is that YOU having an SPF record tells everyone ELSE how to handle your mail, and lets them decide whether or not to accept mail that claims to have come from you.  What you really need to avoid YOU becoming vicimized is a mail system that supports looking at everyone ELSES spf records..

The SPF record basically says where your mail is allowed to have originated from, so that a hacker can't just spoof a "from" address and have it go unchallenged.  If you use 3rd party companies to do web marketing under your mail domain, you may need to add their addresses as "valid" from IPs for your mail, and/or create a sub-domain for those mass mailings.

Proofpoint is a good way to go..  definitely a leader in the field.
1
jman0 warAuthor Commented:
Yes i think i understand that any legitimate spoofed sender organization, must be included in our SPF record.

I think that's where my request will fall down.
I simply do not know that information.

I'll take it up the food chain.

Thanks.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.