North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: On the inoc-dba subject
On Mon, 6 Feb 2006, Joe Maimon wrote: So call it additional clue-boundary to entry and be done with this silly thread.Thats all very well and good, but advising people who do not validate with spf to whitelist by domain name is an over-simplification.pch.net publishes a SPF record: "v=spf1 ip4:204.61.210.70/32 mx mx:woodynet.net a:sprockets.gibbard.org a:ghosthacked.net ~all" Besides going from soft-fail (~all) to fail (-all), they are already giving you the tools you need to validate a MAIL FROM: claim. Besides, the site doesn't specify how to filter/whitelist...just to make sure you can accept mail from pch.net. A simple person might take that to mean "I better allow any @pch.net from address" but that's not what the site says. ---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
|