>> They publish -all and it makes sense.
>
>dig paypal.com txt +short | grep spf
>
>"v=spf1 include:pp._spf.paypal.com include:3ph1._spf.paypal.com
>include:3ph2._spf.paypal.com include:3ph3._spf.paypal.com
>include:3ph4._spf.paypal.com include:c._spf.ebay.com ~all"
Huh. That's new. They do publ
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Fri, 2016-01-08 at 16:39 +, John Levine wrote:
> They publish -all and it makes sense.
dig paypal.com txt +short | grep spf
"v=spf1 include:pp._spf.paypal.com include:3ph1._spf.paypal.com
include:3ph2._spf.paypal.com include:3ph3._spf.paypal
>Surely deploying ~all is done in order for you to determine which edge cases
>won't pass, prior to considering a move to -all?
In a word, no.
If your name is Paypal, you can probably control the hosts that send
mail with your return address, the mail is of low value since it
rarely says anyth