On Mon, 11 Dec 2006, John Rudd wrote: > I look up the SPF record for foo.com. It says: +all
...so the SPF spec has some holes that permit abuse. Tighten the spec my prohibiting +all and +0.0.0.0/1 +8.0.0.0/1 and similar nonsense, and/or modify SPF client implementations to place an upper limit on the number of hosts that can match the spec. This doesn't mean SPF is crap. -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ [EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED] key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- The fetters imposed on liberty at home have ever been forged out of the weapons provided for defense against real, pretended, or imaginary dangers from abroad. -- James Madison, 1799 ----------------------------------------------------------------------- 4 days until Bill of Rights day
