On the inoc-dba subject

Jon Lewis jlewis at lewis.org
Mon Feb 6 16:07:45 UTC 2006

On Mon, 6 Feb 2006, Joe Maimon wrote:

>> pch.net publishes a SPF record:
>> "v=spf1 ip4: mx mx:woodynet.net a:sprockets.gibbard.org
>> a:ghosthacked.net ~all"
>> Besides going from soft-fail (~all) to fail (-all), they are already
>> giving you the tools you need to validate a MAIL FROM: claim.
> Thats all very well and good, but advising people who do not validate with 
> spf to whitelist by domain name is an over-simplification.

So call it additional clue-boundary to entry and be done with this silly 

Besides, the site doesn't specify how to filter/whitelist...just to make 
sure you can accept mail from pch.net.  A simple person might take that to 
mean "I better allow any @pch.net from address" but that's not what the 
site says.

  Jon Lewis                   |  I route
  Senior Network Engineer     |  therefore you are
  Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

More information about the NANOG mailing list