In <1087151174(_dot_)3488(_dot_)151(_dot_)camel(_at_)nomad> Michael Weiner
<hunter(_at_)userfriendly(_dot_)net> writes:
On Sun, 2004-06-13 at 13:19 -0500, wayne wrote:
First, you can delete the /32's on the end of your IP addresses, that
is implied.
Second, if you control the IP space off the entire /29 that contains
those IP addresses and you trust your other machines not to forge
email (e.g. not be infected with worms), then you can safely just list
ip4:68.22.33.177/29
worthy of a shot, THANKS!! final format as follows:
userfriendly.net. IN TXT "v=spf1 mx a prt ip4:68.22.33.177/29 ?all"
Well, it is the right idea, but it has several problems.
The most major problem is spelling "ptr" as "prt". Some SPF
implementations will silently correct this spelling error for you, but
most will end up causing an "unknown" result (instead of "neutral").
I would move the ip4: up to the front since it requires zero
additional DNS lookups.
Since the IP address of the UF MX and A records fall within the /29,
they are redundant.
Finally, it might be worth mentioning that the ptr: mechanism requires
several DNS lookups to validate the IP address really belongs to the
UF network. (e.g., it has to do a rDNS lookup and then another DNS
lookup to make sure a spammer isn't spoofing the in-addr record.) So,
if you can do with out the ptr, it would be slightly better.
-wayne