Carl Hutzler wrote:
Is this use of SPF flawed?
[...]
If the [connecting IP] = [SPF record] then "trust it
more/whitelist"
It's perfectly possible for a spammer to get a PASS. You
wouldn't whitelist a spammer. But it's impossible for a
spammer to pretend to be me, he'd get a FAIL (in my case).
Unless I'm this spammer of course.
valuable reverse MX records which cover well over 95% of
the email traffic on the internet today.
Is that a guess ? 95% is a rather high number.
Perhaps SPF should be updated to have the above logic.
You can use it this way. But whitelisting a PASS only
because it's a PASS is no long term strategy:
"v=spf1 +exists:{ir}.comcast.blackholes.us -all"
Back to my day job :-)
Be careful with mail from these comcast IPs, bye, Frank