On May 18, 2017 9:02 AM, "Luis E. Muñoz" <luisemu...@gmail.com> wrote:
On 17 May 2017, at 16:49, Michael Peddemors wrote: It looks not bad, successive lookups to 3 parts.. and they all look good. Don't like this part of course.. include:sharepointonline.com ip4:52.104.0.0/14 Right there! I've had thoughts about actually penalizing sites that list such vast amounts of IP space in their SPF records or perhaps just ignoring those large ranges in the SPF validation. I suppose it would be plagued with false positives, but if enough people did it, it would give some priority to actually think about your SMTP flows when setting up your SPF records. Yeah, we already ignore overly large ranges, don't recall at what level, but we definitely saw a bunch of exploits of wide ranges over a year ago. Brandon
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
