Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Jan 24, 2008 8:33 AM, Matthew Gillen <[hidden email]> wrote: > Bill Ricker wrote: > >> SPF record. There is a special syntax for saying basically "any server in > >> domainX's SPF record can also send mail 'from' my domain". > > > > Doesn't that mean any OTHER comcast customer can forge for your domain? > > In theory, no, because they wouldn't be in Comcast.net's SPF record. > However, looking at their actual SPF record, it looks excessively broad: > v=spf1 ip4:76.96.28.0/23 ip4:76.96.30.0/24 ip4:76.96.60.0/23 > ip4:76.96.62.0/24 ?all > > Now, that might actually not be as bad as looks on first blush, since I > think those IP ranges are not ones that they give to customers (my current > address from them is 24.34.56.xxx). > > Even if Comcast's record is overly broad, SPF will still serve it's purpose. > SPF is meant merely as a hint (even though some providers will tag spam > based on SPF alone), so it's better to be overly broad than too narrow (and > thereby getting mail you sent needlessly tagged as spam). > > Matt >
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |