Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Apologies if this is only on-topic in as much as I'm an Ironport customer with domains to protect, but...
If I publish a long SPF record (i.e. between 250 and ~470 characters long) then will I face a potential problem with its acceptability? I'm pu...
I'm looking at setting up inbound and outbound TLS for my cluster of two C-class machines. There are some very good TAC articles and a number of threads on the subject of TLS, but I've run into an apparent problem over the correct choice of certifica...
One of the major changes between 8 and 9 is in the handling of mail policies, which can now be a lot more sophisticated. My question is regarding the migration of a policy with a large list of senders; in a couple of cases my policies have over 100 d...
Toto, I don't think we're in Frisco [Kansas] any more.
Did I miss an announcement? senderbase.org now redirects to https://talosintelligence.com with the tools we all know and love appearing in the Reputation section; I've yet to grub around the res...
Looking through the bug list I note that a lot of the examples include the action log-entry(parameter), where parameter includes a reference to the content causing the specific instance of the bug. CSCuz01651 would be one example in question, but I'v...
Thanks to everyone who contributed to this and earlier threads on TLS and clustering. We're now back up on a single SAN certificate and my TLS charts are turning a pleasing shade of blue. Deleting the local config variation pages for our old certific...
Libin's come up with some valid ideas, but there's no perfect solution if you have to gate your AV or AS on message size (and not gating AV on size will give you time-outs anyway). Anyone who seriously wants a go at you will try padding a message, po...
I believe the problem is with UDP which imposes that string limit. Fortunately our ISP's DNS tool appears to handle this for us, as it's real DNS records I'm asking Dmarcian to survey.
Now I can take that a step further and go from using domain nam...
Yes, as soon as third parties come into the equation the ten-lookup limit becomes a serious problem, because their Include may have further Include mechanisms of its own and you (the domain owner) then have to worry about how they might change their ...
There's very few occasions where it's worth blocking by sender or envelope address or domain. I only do it where there's a persistent problem with an actual sender who's unlikely to morph. Most of my blocks are by sending server or IP range, aimed at...
