On 09.06.18 14:28, Alex wrote:
On a somewhat related note, I just noticed one of our customers have
listed spf.protection.outlook.com in their SPF record:
bestwesternnwcc.com. 600 IN TXT "v=spf1
include:spf.protection.outlook.com -all"
Doesn't this amount to thousands of IP addresses that could
conceivably be used to spoof any other domain that's "hosted" using
one of those IPs?
I believe M$ requires users to be authenticated within the domain before
they are allowed to send using your domain.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Posli tento mail 100 svojim znamim - nech vidia aky si idiot
Send this email to 100 your friends - let them see what an idiot you are
