[dns-operations] SPF

Fred Morris m3047 at m3047.net
Sun Apr 10 18:12:25 UTC 2016


I acknowledge that this is getting a little far from the remit, but I'm 
looking at some "DNS failures" related to mail delivery and I'm rather taken 
aback by some of the SPFs I'm seeing.

For instance this one, for a domain which a large corporation uses to send 
order confirmation emails:

  "v=spf1 ptr ip4:65.197.19.23, ip4:12.43.140.23, ip4:12.43.146.43/32, 
ip4:12.43.146.44/32, ip4:12.43.146.45/32, ip4:12.43.146.46/32 
include:amazonses.com +all"

(Besides the fact that it's broken because of the commas...) Doesn't "+all" at 
the end mean that anyone can send e-mail purporting to be from these people?

In this case IMO failure may be the best option...

--

Fred Morris




More information about the dns-operations mailing list