spf-discuss

Re: Greeting Card sites catching on

2004-07-10 14:44:41
BTW,
Is it expected?

http://spftools.infinitepenguins.net/check.php?action=spfcheck&ipv4=10.10.10.1&helo=www.egreetings.com&sender=spammer(_at_)www(_dot_)egreetings(_dot_)com
(if truncated use http://tinyurl.com/2badr )

Received-SPF: unknown (no rule found)

IP '10.10.10.1'
HELO 'www.egreetings.com'
SENDER 'spammer(_at_)www(_dot_)egreetings(_dot_)com'

I expected domain owners to prevent all emails
from sub-domains they own too.

I expected to receive something like:

Received-SPF: fail (match default)

And "nslookup -q=TXT www.egreetings.com" to return
"v=spf1 -all"
or a less restrictive but still valid SPF record.

Adding a single SPF record does not solve the forgery problem.
Your DNS server must give SPF records to all names listed as A or CNAME
records, or even more - a wildcard.
Note: It would be nice to have this described in a Best Practice section or as
a compatibility requirement.

BTW, current DNS software (a few vendors I've checked, or even the specs) does
not support this:
www       IN  A   1.2.3.4
*       IN TXT "v=spf1 a mx -all"

A TXT query for "www" will return not-found, while a TXT query for "spammer"
will return a valid "no-go from forged address" answer.
But this makes no sense, as "spammer" has no valid A/MX/CNAME records anyway
and can be checked without using SPF.
One more argument for using subdomains for SPF records and modifying DNS
server software to support "spfv1.* IN TXT" wildcards.
--
Andriy G. Tereshchenko
TAG Software
Odessa, Ukraine
http://www.24.odessa.ua
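
The wildcard behaviour discussed in the message above, as an added example that is not part of the original post: a simplified model of the RFC 1034 wildcard lookup over a constructed zone, plus an audit listing the names a wildcard TXT leaves without an SPF record. The zone `example.test`, its addresses and the function names are assumptions made for illustration.

```python
# Constructed sample zone (hypothetical names, documentation addresses).
ZONE = {
    "example.test": {"MX": ["10 mail.example.test."], "TXT": ["v=spf1 a mx -all"]},
    "www.example.test": {"A": ["192.0.2.4"]},
    "mail.example.test": {"A": ["192.0.2.25"]},
    "*.example.test": {"TXT": ["v=spf1 a mx -all"]},
}


def exists(zone, name):
    """A name exists if it owns records or is an ancestor of a name that does."""
    return any(owner == name or owner.endswith("." + name) for owner in zone)


def lookup(zone, qname, qtype):
    """Simplified single-zone lookup (no CNAME chasing, no delegations).

    Returns the matching record data, or [] for both NODATA and NXDOMAIN.
    """
    qname = qname.rstrip(".").lower()
    if exists(zone, qname):
        # The name exists, so the wildcard is never consulted,
        # even when the name has no record of the requested type.
        return zone.get(qname, {}).get(qtype, [])
    labels = qname.split(".")
    for i in range(1, len(labels)):
        encloser = ".".join(labels[i:])
        if exists(zone, encloser):
            # Closest existing ancestor found: only its wildcard child applies.
            return zone.get("*." + encloser, {}).get(qtype, [])
    return []


def names_without_spf(zone):
    """List real (non-wildcard) owner names that answer no v=spf1 TXT record."""
    missing = []
    for owner in zone:
        if owner.startswith("*."):
            continue
        txt = lookup(zone, owner, "TXT")
        if not any(t.lower().startswith("v=spf1") for t in txt):
            missing.append(owner)
    return sorted(missing)


if __name__ == "__main__":
    print("www TXT:    ", lookup(ZONE, "www.example.test", "TXT"))
    print("spammer TXT:", lookup(ZONE, "spammer.example.test", "TXT"))
    print("needs its own SPF record:", names_without_spf(ZONE))
```

Each name the audit reports needs an explicit TXT record of its own, since the wildcard only answers for names that have no records at all.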