Michael Peddemors via mailop <[email protected]> wrote: > host -t TXT save.ca > > save.ca descriptive text "v=spf1 ip4:70.33.236.0/25 mx a > include:sendgrid.net include:thestar.ca include:thestar.com > include:spf.google.com include:spf.protection.outlook.com > include:spf.yahoo.com include:spf.aol.com include:amazonses.com -all" > > ... so.. basically hard block everything except 1/2 the internet..
If you're into that sort of thing, I wrote about all the weird aspects of SPF here: https://www.netmeister.org/blog/spf.html I also have a tool that sums all the findings of a domain's SPF record: https://github.com/jschauma/spf/ --- Sample output: $ spf save.ca save.ca: policy: ip4:70.33.236.0/25 mx a include:sendgrid.net include:thestar.ca include:thestar.com [...] invalid Warning: SPF record for "_ssf2f3yot2.sdmarc.net" too long (491 > 450). Warning: No MX record for domain 'ironport2.thestar.ca' found. [...] pass: include (8 domains): amazonses.com sendgrid.net [...] [...] Total counts: Total # of DNS lookups : 32 pass: Total # of 'a' directives : 2 Total # of 'exists' directives : 2 Total # of 'include' directives : 23 Total # of 'mx' directives : 6 Total # of 'redirect' directives: 1 Total # of ip4 directives : 167 Total # of ip4 addresses : 962,349 Total # of ip6 directives : 15 Total # of ip6 addresses : 11,862,603,051,712,622,486,355,973 All others: fail --- (Sorry for the self-promotion here, but it seemed of relevance to the discussion.) -Jan _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
