On Sun, Feb 08, 2004 at 04:17:00PM -0600, Karl Kraft wrote:
2) Many domains publish a wildcard record for the domain, so that
typos in urls still work. For instace all of the same work:
http://www.britneyspears.com/
http://wwww.britneyspears.com/
http://ww.britneyspears.com/
Thus, there are an infinite number of subdomains of britneyspears.com.
What you mean is
$origin britneyspears.com.
* IN A 216.166.80.117
But there is no way in SPF to indicate that they guidance I publish in
an SPF/TXT record applies to all subdomains as well as my master
domains. So if I protect britneyspears.com with the following:
britneyspears.com. 1H IN TXT "v=spf1
ip4:216.166.80.0/24 -all"
All the smarter spammer needs to do is send mail from
joe(_at_)foo(_dot_)britneyspears(_dot_)com, and SPF will return an evaluation
of None
instead of Fail.
Hmm.. maybe
$origin britneyspears.com.
@ IN A 216.166.80.117
TXT "v=spf1 a/24 -all"
* IN A 216.166.80.117
TXT "v=spf1 -all"
which will allow mail from "britneyspears.com" but not from subdomains?
Alternatively:
$origin britneyspears.com.
@ IN A 216.166.80.117
TXT "v=spf1 a/24 -all"
* IN A 216.166.80.117
TXT "v=spf1 a/24 -all"
would allow "mail from: <whatever(_at_)wherever(_dot_)britneyspears(_dot_)com>"
Or am I missing something here?
HTH
Alex
--
begin sig
http://www.googlism.com/index.htm?ism=alex+van+den+bogaerdt&type=1
This message was produced without any <iframe tags
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.7.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡