This just in from SPF help.
I think the problem lies with which default domain to use for "bare"
mechanisms. For instance, askjeeves.com has this SPF record:
askjeeves.com IN TXT "v=spf1 include:jeeves.ask.info ~all"
jeeves.ask.info IN TXT "v=spf1 a ptr -all"
Using 65.214.38.10, this gets PASS as expected with pyspf and all the web
SPF testers, and gmail.com gets a pass when the postmaster at askjeeves sends
mail. However, hotmail.com and godaddy.com reject the very same source IP in
SMTP envelope (before reading any sender-id headers), citing SPF. Replacing
the askjeeves.com record with "v=spf1 redirect=jeeves.ask.info" gets a pass
with hotmail.com and godaddy.com as well.
I will create a pair of domains for further testing via telnet, since I have no
access to the hotmail implementation. But I think they are broken.
The effect is that Microsoft has unilateraly deprecated implicit domains
in SPF records.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com