Hacker News new | past | comments | ask | show | jobs | submit login

DKIM is better (SPF doesn't prevent, for example, Amazon SES impersonating you and sending out unauthorized email on your behalf)



Neither actually prevents anything because it's up to the recipient ('s server) to apply whatever scrutiny they feel like.


DMARC actually specifies exactly what the recipient should test and what they should to with the email.

They can easily ignore DMARC records, but at least you're still telling them what to do with failing email.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: