Reply to post: Re: Government mail/DNS administration incompetence.

Maybe double-check that HMRC email? UK taxman remains a fave among the phisherfolk

Anonymous Coward Silver badge
Boffin

Re: Government mail/DNS administration incompetence.

SPF was a good idea, but... people implemented it wrongly and didn't include their external ESPs and suchlike which meant that SPF gradually became useless. It also doesn't handle cases where recipients auto-forward messages to their other address (and don't claim that SRS is workable). It's a score in a spam filtering system only.

DMARC however supersedes it by signing emails and publishing the public key in DNS... and it works much better. Except organisations aren't keeping the keys up to date and other orgs don't have the balls to flat-out reject anything that doesn't pass. There's still some promise in the system though, unlike SPF which is defunct.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021