From: wayne
Sent: Wednesday, June 09, 2004 7:54 PM
In <40C30C10(_dot_)8080805(_at_)whipple(_dot_)org> Weldon Whipple
<weldon(_at_)whipple(_dot_)org> writes:
Meng Weng Wong wrote:
mengwong._spf.pobox.com TXT "v=spf1 a:dumbo.pobox.com -all"
user1._spf.pobox.com TXT "v=spf1 include:earthlink.net ?all"
user2._spf.pobox.com TXT "v=spf1 include:verizon.net ?all"
Thanks for the explanation! I have implemented the above on the domain
I mentioned in my note. I notice in the above that mengwong... ends in
-all, and user1... and user2... end in ?all. Is there a way of saying
the following: "Everyone else (not specifically mentioned) should be
'-all'" --kind of a wildcard that eliminates all other addresses in
pobox.com?
I'm pretty sure that this will work:
*._spf.pobox.com TXT "v=spf1 -all"
If a domain implements the above, is there any way to prevent a spammer from
reading that domain's SPF record and realizing, "I can send mail as
user1.pobox.com from any trojaned host in Earthlink, as long as I make the
mail go through Earthlink's smarthosts, and it will give an SPF neutral
result, which will help it get delivered"? I don't know if I'm framing the
question right, but is there any way to prevent zone transfers of just the
TXT records of a domain to prevent this kind of attack?
--
Seth Goodman