Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lookup Count Inconsistencies
william@leibzon.org Mon, 23 January 2023 05:39 UTC
Return-Path: <william@leibzon.org>
X-Original-To: spfbis@ietfa.amsl.com
Delivered-To: spfbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD90DC14F721 for <spfbis@ietfa.amsl.com>; Sun, 22 Jan 2023 21:39:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.894
X-Spam-Level:
X-Spam-Status: No, score=-1.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OrGvygd843fB for <spfbis@ietfa.amsl.com>; Sun, 22 Jan 2023 21:39:45 -0800 (PST)
Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93B96C14F6EB for <spfbis@ietf.org>; Sun, 22 Jan 2023 21:39:45 -0800 (PST)
Received: from omf04.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id 5F2621401FB; Mon, 23 Jan 2023 05:39:43 +0000 (UTC)
Received: from [HIDDEN] (Authenticated sender: william@leibzon.org) by omf04.hostedemail.com (Postfix) with ESMTPA id 227CD20023; Mon, 23 Jan 2023 05:39:42 +0000 (UTC)
MIME-Version: 1.0
Date: Sun, 22 Jan 2023 21:39:41 -0800
From: william@leibzon.org
To: Tim Wicinski <tjw.ietf@gmail.com>
Cc: John Levine <johnl@taugh.com>, spfbis@ietf.org
In-Reply-To: <CADyWQ+EExQj2H4eL-VW39GM7zdF3CiCrgDJP7PSjzh0oddJpbw@mail.gmail.com>
References: <CADyWQ+FRgUPOC3OiMZ74kbD9Mn+r=Z51meY7uTZutfAJDr6ssQ@mail.gmail.com> <20230123031354.527A67D6DA86@ary.qy> <CADyWQ+EExQj2H4eL-VW39GM7zdF3CiCrgDJP7PSjzh0oddJpbw@mail.gmail.com>
Message-ID: <e0e424a2dfc43060521f57df4e698299@leibzon.org>
X-Sender: william@leibzon.org
Content-Type: multipart/alternative; boundary="=_24a614bdf050b031d60c0a133cc6a74b"
X-Rspamd-Queue-Id: 227CD20023
X-Rspamd-Server: rspamout01
X-Stat-Signature: jpbu9qwt8f9h6k51yixjcit6k3a3s7kf
X-Session-Marker: 77696C6C69616D406C6569627A6F6E2E6F7267
X-Session-ID: U2FsdGVkX1+fYJTSguwZ2fNOgbyzV7aKs6ierqnJg78=
X-HE-Tag: 1674452382-917291
X-HE-Meta: U2FsdGVkX1+egpZYNMkU8/2cis7dHD0Hn503XirzIShhjdixdDxs0vGcB+FAJJwdhtjQwCnVIEqGlJGZwu9ISw==
Archived-At: <https://mailarchive.ietf.org/arch/msg/spfbis/IXAeWcKSRDRgnJJpoFoku9_auCI>
Subject: Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lookup Count Inconsistencies
X-BeenThere: spfbis@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: SPFbis discussion list <spfbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spfbis>, <mailto:spfbis-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spfbis/>
List-Post: <mailto:spfbis@ietf.org>
List-Help: <mailto:spfbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spfbis>, <mailto:spfbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Jan 2023 05:39:49 -0000
May be the more relevant question is would these large companies with many MXs use "mx" in their SPF record? ;; ANSWER SECTION: comcast.net. 7200 IN TXT "v=spf1 ip4:96.103.146.48/28 ip4:96.102.19.32/28 ip4:96.102.200.0/28 include:_spfv6.comcast.net include:_spf.mdp.comcast.net ~all" efficient with precise and small ip block space for their mail servers ;; ANSWER SECTION: yahoo.com. 1137 IN TXT "_globalsign-domain-verification=8DPEanqC-w2Z26VeL5Sn4zBI7cZPCFqrNU5dMKMKeP" yahoo.com. 1137 IN TXT "google-site-verification=xoBvU6aKxP0gYgNL0iXqF0EccAg6nFrO7XxsHnc3iNQ" yahoo.com. 1137 IN TXT "google-site-verification=w4N2bNopAWw1xYrdXKORILxx-WW3_LIiyX6dIMIidgk" yahoo.com. 1137 IN TXT "google-site-verification=Z3-Vh6zqUMgybVH4wQl1GxKSKN7JE13kyCyeZ3TZZ-I" yahoo.com. 1137 IN TXT "v=spf1 redirect=_spf.mail.yahoo.com" yahoo.com. 1137 IN TXT "edb3bff2c0d64622a9b2250438277a59" yahoo.com. 1137 IN TXT "Zoom=13284637" yahoo.com. 1137 IN TXT "facebook-domain-verification=gysqrcd69g0ej34f4jfn0huivkym1p" yahoo.com. 1137 IN TXT "google-site-verification=2b8irRvU5a2h4Mb-H_fdqNrqWjS00qmPfPcWqm8BhxI" What a horrific example of TXT record pollution, the door to which was opened by SPF .... ;; ANSWER SECTION: _spf.mail.yahoo.com. 1094 IN TXT "v=spf1 ptr:yahoo.com ptr:yahoo.net ?all" On 2023-01-22 19:51, Tim Wicinski wrote: > I am always happy when I'm proven wrong. Thanks Mr. John. > > tim > > On Sun, Jan 22, 2023 at 10:13 PM John Levine <johnl@taugh.com> wrote: > >> It appears that Tim Wicinski <tjw.ietf@gmail.com> said: >>> I also feel that technology stacks have matured over time. Jan, do >>> you see >>> real world examples of a domain with 11 MX servers? >> >> Well, there's Comcast: >> >> $ host -t mx comcast.net [1] >> comcast.net [1] mail is handled by 50 mx1a1.comcast.net [2]. >> comcast.net [1] mail is handled by 5 mx2.mxge.comcast.net [3]. >> comcast.net [1] mail is handled by 50 mx2a1.comcast.net [4]. >> comcast.net [1] mail is handled by 50 mx1c1.comcast.net [5]. >> comcast.net [1] mail is handled by 5 mx1.mxge.comcast.net [6]. >> comcast.net [1] mail is handled by 50 mx2c1.comcast.net [7]. >> comcast.net [1] mail is handled by 50 mx1h1.comcast.net [8]. >> comcast.net [1] mail is handled by 50 mx2h1.comcast.net [9]. >> >> And there's Yahoo, but its MX is only four lookups: >> >> $ host -t mx yahoo.com [10] >> yahoo.com [10] mail is handled by 1 mta6.am0.yahoodns.net [11]. >> yahoo.com [10] mail is handled by 1 mta7.am0.yahoodns.net [12]. >> yahoo.com [10] mail is handled by 1 mta5.am0.yahoodns.net [13]. >> >> $ host mta5.am0.yahoodns.net [13]. >> mta5.am0.yahoodns.net [13] has address 67.195.228.109 >> mta5.am0.yahoodns.net [13] has address 98.136.96.76 >> mta5.am0.yahoodns.net [13] has address 67.195.204.72 >> mta5.am0.yahoodns.net [13] has address 67.195.204.79 >> mta5.am0.yahoodns.net [13] has address 67.195.228.111 >> mta5.am0.yahoodns.net [13] has address 98.136.96.77 >> mta5.am0.yahoodns.net [13] has address 67.195.228.110 >> mta5.am0.yahoodns.net [13] has address 98.136.96.91 >> $ host mta6.am0.yahoodns.net [11]. >> mta6.am0.yahoodns.net [11] has address 67.195.204.74 >> mta6.am0.yahoodns.net [11] has address 98.136.96.76 >> mta6.am0.yahoodns.net [11] has address 67.195.228.110 >> mta6.am0.yahoodns.net [11] has address 67.195.204.79 >> mta6.am0.yahoodns.net [11] has address 67.195.204.77 >> mta6.am0.yahoodns.net [11] has address 67.195.228.111 >> mta6.am0.yahoodns.net [11] has address 67.195.228.94 >> mta6.am0.yahoodns.net [11] has address 98.136.96.77 >> $ host mta7.am0.yahoodns.net [12]. >> mta7.am0.yahoodns.net [12] has address 67.195.204.79 >> mta7.am0.yahoodns.net [12] has address 67.195.204.77 >> mta7.am0.yahoodns.net [12] has address 98.136.96.91 >> mta7.am0.yahoodns.net [12] has address 67.195.228.111 >> mta7.am0.yahoodns.net [12] has address 67.195.228.106 >> mta7.am0.yahoodns.net [12] has address 67.195.228.94 >> mta7.am0.yahoodns.net [12] has address 67.195.204.72 >> mta7.am0.yahoodns.net [12] has address 98.136.96.77 >> >> And Charter: >> >> $ host -t mx charter.com [14] >> charter.com [14] mail is handled by 10 nce.mail.chartercom.com [15]. >> charter.com [14] mail is handled by 10 ncw.mail.chartercom.com [16]. >> >> $ host nce.mail.chartercom.com [15]. >> nce.mail.chartercom.com [15] has address 142.136.234.134 >> nce.mail.chartercom.com [15] has address 142.136.234.135 >> nce.mail.chartercom.com [15] has address 142.136.234.136 >> nce.mail.chartercom.com [15] has address 142.136.234.137 >> nce.mail.chartercom.com [15] has address 142.136.234.138 >> nce.mail.chartercom.com [15] has address 142.136.234.139 >> nce.mail.chartercom.com [15] has address 142.136.234.142 >> nce.mail.chartercom.com [15] has address 142.136.234.143 >> nce.mail.chartercom.com [15] has address 142.136.234.144 >> >> $ host ncw.mail.chartercom.com [16]. >> ncw.mail.chartercom.com [16] has address 142.136.235.134 >> ncw.mail.chartercom.com [16] has address 142.136.235.135 >> ncw.mail.chartercom.com [16] has address 142.136.235.136 >> ncw.mail.chartercom.com [16] has address 142.136.235.137 >> ncw.mail.chartercom.com [16] has address 142.136.235.138 >> ncw.mail.chartercom.com [16] has address 142.136.235.139 >> ncw.mail.chartercom.com [16] has address 142.136.235.142 >> ncw.mail.chartercom.com [16] has address 142.136.235.143 >> ncw.mail.chartercom.com [16] has address 142.136.235.144 >> >> I occasionally see spammy looking hosts with a lot >> of MX'es but if their SPF checks fail, who cares. >> >> R's, >> John > > _______________________________________________ > spfbis mailing list > spfbis@ietf.org > https://www.ietf.org/mailman/listinfo/spfbis Links: ------ [1] http://comcast.net [2] http://mx1a1.comcast.net [3] http://mx2.mxge.comcast.net [4] http://mx2a1.comcast.net [5] http://mx1c1.comcast.net [6] http://mx1.mxge.comcast.net [7] http://mx2c1.comcast.net [8] http://mx1h1.comcast.net [9] http://mx2h1.comcast.net [10] http://yahoo.com [11] http://mta6.am0.yahoodns.net [12] http://mta7.am0.yahoodns.net [13] http://mta5.am0.yahoodns.net [14] http://charter.com [15] http://nce.mail.chartercom.com [16] http://ncw.mail.chartercom.com
- [spfbis] RFC7208 4.6.4 Interpretation - MX Lookup… Mark Alley
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Mark Alley
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Mark Alley
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Scott Kitterman
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Mark Alley
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Jan Schaumann
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Jan Schaumann
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Scott Kitterman
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Jan Schaumann
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Scott Kitterman
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Tim Wicinski
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… John Levine
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Tim Wicinski
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Jan Schaumann
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… william
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… John R Levine
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Klaus Frank