On Tue, 28 Feb 2006 10:19:33 -0500 (EST) "Stuart D. Gathman"
<stuart(_at_)bmsi(_dot_)com> wrote:
On Tue, 28 Feb 2006, Erwin Kodiat wrote:
I'm new to SPF, tried to setup an SPF record for my domain name. I used
Yahoo Premium service so I can use Yahoo webmail while having my own
email
address as the sender. I can't find any SPF command that works like
wildcard. I need this since Yahoo keep changing their SMTP server name
while
sending email, for instance webmail5104.yahoo.com and the other time
webmail7637.yahoo.com. Is it possible to have a wildcard or pattern
matching
in SPF record?
mydomain.com IN TXT "v=spf1 ip4:1.2.3.4 ?ptr:yahoo.com -all"
where 1.2.3.4 is your own MTA when not using yahoo webmail.
There is no point in trying to get a PASS from the Yahoo webmail (like
Scott Kitterman suggested), because even after finding all their outgoing
servers by trial and error, they have no forgery prevention in place,
so any yahoo email user can still forge your domain.
Actually I hadn't gotten to the PASS/NEUTRAL issue yet. I agree. If you
do it the way I suggested, then put a ? in front of the ip4: mechanisms for
the reasons Stuart says.
Do keep in mind that Stuart's approach will match every yahoo.com computer
and not just their mail servers.
As long as reverse DNS is reliable what Stuart says will work. As long as
you do enough testing (and check back periodically) what I suggested will
work with lower DNS loading. It's up to you. Neither is ideal.
You might also ask Yahoo to publish an SPF record you could just include.
I'd imagine the odds of them doing it are very low, but it can't hurt to
ask.
Scott K
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com