Remix clone Hacker News

new | show | ask | jobs Github

	▲	Bender 4 hours ago
		According to the Reddit threads they are accepting spoofed emails. This is expected in the current dmarc/spf config. Ask them to change their SPF record from `"v=spf1 include:spf.messagingengine.com ~all` to `v=spf1 ip4:103.168.172.128/27 ip4:202.12.124.128/27 -all` They have no need for a soft fail and no need for the extra lookup as their record is tiny. ------ Also change the _dmarc record from `v=DMARC1; p=none; sp=none; rua=mailto:e3936a44@inbox.ondmarc.com` to something like: `v=DMARC1;p=reject;sp=reject;np=reject;psd=n;aspf=s;adkim=s;rua=mailto:e3936a44@inbox.ondmarc.com;` after reading up on the options, understanding the implications and setting the TXT record TTL's to something like 5 mins until it has been in place for a month, then putting it back to 1 hour or longer. The rua has been in place long enough to know what problems it will cause. Be fearless and cause some problems then fix the problems. psd= may have to be different but only fastmail staff would know for sure.