On Mon, 24 Aug 2015 00:13:14 +0900 "Stephen J. Turnbull" <step...@xemacs.org> wrote:
> That does mean that anybody who can send through smtp.comcast.net can > send as a mailbox from your domain and pass DMARC, most likely. I > don't see a way to profitably exploit that offhand, though (unless > you're a bank). This means, then, that I should probably remove it from the SPF record - at its current configuration, the ~all should at least softfail while I work on getting Postfix set up for TLS. -Dennis Carr