spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] Re: advice wrong, or is it?

2007-12-21 18:38:33
from [David MacQuigg] [Permanent Link] 
At 01:04 AM 12/22/2007 +0000, you wrote:

WebMaster(_at_)commerco(_dot_)net wrote:

Getting back to the original point of the thread, why Google
apparently wants folks to specify "~all" rather than "-all", perhaps
in their case (because they offer a huge email service), they don't
wish to reveal all the possible outgoing SMTP servers to avoid some
type of attack on GMail.  Personally, I think there are better ways
of handling such things even in huge scale email service environments.


An interesting theory of yours, but I think if that was their motivation, 
they would have been bright enough to use an "exists:" mechanism to hide 
their infrastructure. :-)


Actually, I think they are planning to compete with M$ to see who has the 
biggest di.. I mean set of netblocks.
google.com
v=spf1 include:_netblocks.google.com ~all
64.18.0.0/20           4096
64.233.160.0/19        8192
66.102.0.0/20          4096
66.249.80.0/20         4096
72.14.192.0/18        16384
74.125.0.0/16         65536
207.126.144.0/20       4096
209.85.128.0/17       32768
216.239.32.0/19        8192
        Totals:   9  147456

msn.com
v=spf1 include:spf-a.hotmail.com include:spf-b.hotmail.com 
include:spf-c.hotmail.com include:spf-d.hotmail.com 
include:_spf-ssg-a.microsoft.com ~all
        Totals:  38  981536

The attack theory doesn't make sense.  How would knowing the addresses of their 
outgoing servers aid an attacker?

Also, what idiot would be foolish enough to attack Google's outgoing servers?  
That would be like pissing at a guy with a fire hose.  Can you imagine the 
counter-attack Google could mount if they really wanted to take down a few 
ISPs.  I hear the Russians recently took down the entire country of Estonia.

-- Dave :>)


************************************************************     *
* David MacQuigg, PhD      email: macquigg at open-mail.org   *  *
* President, Open-Mail dot org      phone: USA 520-721-4583   *  *  *
* Postmaster, Box67 dot com                                   *  *  *
*                                 9320 East Mikelyn Lane       * * *
* http://purl.net/macquigg        Tucson, Arizona 85710          *
************************************************************     *

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription: 
http://v2.listbox.com/member/?member_id=2183229&id_secret=78737434-4a1dd2
Powered by Listbox: http://www.listbox.com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [spf-discuss] Re: advice wrong, or is it?, Julian Mehnle
Next by Date:  Re: [spf-discuss] Re: advice wrong, or is it?, Bill Adragna
Previous by Thread:  [spf-discuss] Re: advice wrong, or is it?, Julian Mehnle
Next by Thread:  [spf-discuss] Google's SPF Record, David MacQuigg
Indexes:  [Date] [Thread] [Top] [All Lists]