spf-discuss

Re: first spf-enabled spam

2004-04-11 10:22:10
On Sun, Apr 11, 2004 at 01:07:01PM +0200, David wrote:
| Hi !!
| 
| Today we received the first spam from a spf enabled domain:
| 
| Received-SPF: pass (rackuk.ols.es: domain of omdqqxdfgvgf(_at_)blueyonder(_dot_)co(_dot_)uk designates 213.48.36.173 as permitted sender)
| 
| also 213.48.36.173 is on a dsl zone ...
| 

Looks like blueyonder is an ISP.  They need to be a bit more restrictive
with their record, listing only the approved outbound mail servers,
rather than the entire network including DSL nodes.

    20040411-13:19:29 mengwong(_at_)dumbo:~% dnstxt blueyonder.co.uk
    v=spf1 a:mailq1.blueyonder.co.uk ip4:195.188.0.0/16 ip4:213.48.0.0/16 ip4:80.192.0.0/14 ip4:82.32.0.0/12 ip4:62.30.0.0/15 ?all

    20040411-13:18:25 mengwong(_at_)dumbo:~% dnsname 213.48.36.173
    213-48-36-173.wit.cvx.blueyonder.co.uk

compare tiscali.de:

    Received-SPF: fail (puzzle.pobox.com: domain of rwuskvxb(_at_)tiscali(_dot_)de does not designate 213.54.88.196 as permitted sender)

    20040411-13:21:24 mengwong(_at_)dumbo:~% dnsname 213.54.88.196
    p213.54.88.196.tisdip.tiscali.de
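
Added example, not part of the original message: an offline check of the blueyonder.co.uk record quoted above, showing which term produces the pass for 213.48.36.173 and how much address space the ip4 terms authorize. The function names and the /24 "broad" threshold are assumptions, and only ip4 and all are evaluated (DNS-based mechanisms such as a: are skipped).

```python
import ipaddress

# SPF record for blueyonder.co.uk exactly as quoted in the message above.
RECORD = ("v=spf1 a:mailq1.blueyonder.co.uk ip4:195.188.0.0/16 "
          "ip4:213.48.0.0/16 ip4:80.192.0.0/14 ip4:82.32.0.0/12 "
          "ip4:62.30.0.0/15 ?all")

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def parse(record):
    """Split an SPF record into (qualifier, mechanism, value) terms."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF version 1 record")
    parsed = []
    for term in terms[1:]:
        qualifier = "+"  # a mechanism without a qualifier means pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        parsed.append((qualifier, name.lower(), value))
    return parsed


def evaluate(record, client_ip):
    """Return (result, matching term), left to right, first match wins."""
    # Simplification: mechanisms that need DNS (a, mx, include) are skipped
    # so the example runs offline; a real SPF check must resolve them.
    ip = ipaddress.ip_address(client_ip)
    for qualifier, name, value in parse(record):
        if name == "ip4" and ip in ipaddress.ip_network(value, strict=False):
            return QUALIFIERS[qualifier], "ip4:" + value
        if name == "all":
            return QUALIFIERS[qualifier], "all"
    return "neutral", None


def broad_ranges(record, max_prefix=24):
    """List ip4 ranges wider than /max_prefix with their address counts."""
    nets = [ipaddress.ip_network(v, strict=False)
            for _, name, v in parse(record) if name == "ip4"]
    return [(str(n), n.num_addresses) for n in nets if n.prefixlen < max_prefix]


if __name__ == "__main__":
    print(evaluate(RECORD, "213.48.36.173"))
    print(broad_ranges(RECORD))
```

The DSL address passes on ip4:213.48.0.0/16, one of five ranges that together authorize about 1.5 million addresses; replacing them with the outbound mail servers' addresses would leave such hosts at the ?all neutral result instead.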