[88451] in North American Network Operators' Group
Re: On the inoc-dba subject
daemon@ATHENA.MIT.EDU (Jon Lewis)
Mon Feb 6 11:08:12 2006
Date: Mon, 6 Feb 2006 11:07:45 -0500 (EST)
From: Jon Lewis <jlewis@lewis.org>
To: Joe Maimon <jmaimon@ttec.com>
Cc: nanog@nanog.org
In-Reply-To: <43E74308.30204@ttec.com>
Errors-To: owner-nanog@merit.edu
On Mon, 6 Feb 2006, Joe Maimon wrote:
>> pch.net publishes a SPF record:
>> "v=spf1 ip4:204.61.210.70/32 mx mx:woodynet.net a:sprockets.gibbard.org
>> a:ghosthacked.net ~all"
>>
>> Besides going from soft-fail (~all) to fail (-all), they are already
>> giving you the tools you need to validate a MAIL FROM: claim.
>
> Thats all very well and good, but advising people who do not validate with
> spf to whitelist by domain name is an over-simplification.
So call it additional clue-boundary to entry and be done with this silly
thread.
Besides, the site doesn't specify how to filter/whitelist...just to make
sure you can accept mail from pch.net. A simple person might take that to
mean "I better allow any @pch.net from address" but that's not what the
site says.
----------------------------------------------------------------------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
