At 01:30 PM 5/6/2006 -0400, Scott Kitterman wrote:
With my validator, the MS SPF record is raising an error because of too many
DNS lookups.
I have to wonder if Microsoft is serious about using the spf1 record at
microsoft.com for its intended purpose, or if this is some kind of
ploy. The record at Microsoft's hotmail.com, which handles far more mail
than microsoft.com, has no such problems.
hotmail.com. TXT
v=spf1 mx include:_spf-a.microsoft.com include:_spf-b.microsoft.com
include:_spf-c.microsoft.com ~all
Each of the four included records has only ip4 mechanisms. The total
authorization includes 39 ip4 blocks (2 redundant), and a total of 981504
IP addresses!!
One has to wonder why domains like hotmail.com authorize so many addresses
to send using their name. I would think a better strategy, one which would
exclude the zombies and earn them a better reputation, would be to
authorize just the dozen or so machines they really need. Here are the
results of compiling the SPF records from 15 of the largest sending domains.
comcast.net No SPF Record
yahoo.com No SPF Record
rr.com 3074
verizon.net 772
proxad.net No SPF Record
charter.com 513
hotmail.com 981504
adelphia.net 512
shawcable.net No SPF Record
qwest.net No SPF Record
ebay.com 240
aol.com 2304
gmail.com 29184
bellsouth.net 256
pacbell.net No SPF Record
-- Dave
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com