At 01:04 AM 12/22/2007 +0000, you wrote:
WebMaster(_at_)commerco(_dot_)net wrote:
Getting back to the original point of the thread, why Google
apparently wants folks to specify "~all" rather than "-all", perhaps
in their case (because they offer a huge email service), they don't
wish to reveal all the possible outgoing SMTP servers to avoid some
type of attack on GMail. Personally, I think there are better ways
of handling such things even in huge scale email service environments.
An interesting theory of yours, but I think if that was their motivation,
they would have been bright enough to use an "exists:" mechanism to hide
their infrastructure. :-)
Actually, I think they are planning to compete with M$ to see who has the
biggest di.. I mean set of netblocks.
google.com
v=spf1 include:_netblocks.google.com ~all
64.18.0.0/20 4096
64.233.160.0/19 8192
66.102.0.0/20 4096
66.249.80.0/20 4096
72.14.192.0/18 16384
74.125.0.0/16 65536
207.126.144.0/20 4096
209.85.128.0/17 32768
216.239.32.0/19 8192
Totals: 9 147456
msn.com
v=spf1 include:spf-a.hotmail.com include:spf-b.hotmail.com
include:spf-c.hotmail.com include:spf-d.hotmail.com
include:_spf-ssg-a.microsoft.com ~all
Totals: 38 981536
The attack theory doesn't make sense. How would knowing the addresses of their
outgoing servers aid an attacker?
Also, what idiot would be foolish enough to attack Google's outgoing servers?
That would be like pissing at a guy with a fire hose. Can you imagine the
counter-attack Google could mount if they really wanted to take down a few
ISPs. I hear the Russians recently took down the entire country of Estonia.
-- Dave :>)
************************************************************ *
* David MacQuigg, PhD email: macquigg at open-mail.org * *
* President, Open-Mail dot org phone: USA 520-721-4583 * * *
* Postmaster, Box67 dot com * * *
* 9320 East Mikelyn Lane * * *
* http://purl.net/macquigg Tucson, Arizona 85710 *
************************************************************ *
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=78737434-4a1dd2
Powered by Listbox: http://www.listbox.com