Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lookup Count Inconsistencies
John R Levine <johnl@taugh.com> Mon, 23 January 2023 17:57 UTC
Return-Path: <johnl@taugh.com>
X-Original-To: spfbis@ietfa.amsl.com
Delivered-To: spfbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A5E2C14F737 for <spfbis@ietfa.amsl.com>; Mon, 23 Jan 2023 09:57:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.097
X-Spam-Level:
X-Spam-Status: No, score=-7.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b="3pQARwhn"; dkim=pass (2048-bit key) header.d=taugh.com header.b="fTalRLIO"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QPnL-jhwind9 for <spfbis@ietfa.amsl.com>; Mon, 23 Jan 2023 09:57:41 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F1D17C1524AC for <spfbis@ietf.org>; Mon, 23 Jan 2023 09:57:37 -0800 (PST)
Received: (qmail 67585 invoked from network); 23 Jan 2023 17:57:34 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=107fd.63ceca8e.k2301; bh=B/0fYNDMJOxzLLaXxILmpNu3kwDXv9th/RmrTUmKO2I=; b=3pQARwhnM8YIalLrzQc0W6ZUHFgVFgxdz1kntEhtJMPa32rH1/7oXGUihhLaQwu949M5mxUQAcfdouPSG5qGTSndBkzA6BOHYPO2MWNwQPyVNl554IUWAhKXzJwuKh/8zFljbre6nmaQUWiSsfoMM0tx/3YUXi75wNqC6/iHb3bG8XH99UgTRskg814fYAf1s71bADBEJs7+VNa3vJBnF3G0KHo/Vgqd7Vvp6jh4VLCYCQ1oD5/rAnM/zFaKuCykShhfaV/xD2fBmAlrqllRfLm25xdctnh1nujejQySiueGmcSka8YJqQ1Gm5QicIQbxWn1JXqYjBpbMTJjCAiZoA==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=107fd.63ceca8e.k2301; bh=B/0fYNDMJOxzLLaXxILmpNu3kwDXv9th/RmrTUmKO2I=; b=fTalRLIO7wxeAVcJm6QTlZi5+YiSc3AKxiulRiTDHF/0Klt3RZ7jvYI5Oy3DEq5njoCnQwAlCMKcaxk5Wciuv2F+dvu4esE2yVEBKaBcyApUGPO+fWnc+RSzVDvGmTq4KJwxs4bDpVCwxPTZjqs542b3TwA1ZnQCBOrAXJmrKjsUSIjRMuzikQ2hrjk6FNz/uYTxPvcAtYffHeMzc8/gT0awXmRAO+y8078ys6Q0J2BsG9RSid3sJjPsDCL6g8GnpasBCT0VWkkStbog3BjBPuBkZx5qqhi/XD2NScIvqrNt27OYASN2O8gjtDH5nMVLJ8jpjErGGyRKX4PIn4DEVQ==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 23 Jan 2023 17:57:34 -0000
Received: by ary.qy (Postfix, from userid 501) id A84D67DB59F9; Mon, 23 Jan 2023 12:57:32 -0500 (EST)
Received: from localhost (localhost [127.0.0.1]) by ary.qy (Postfix) with ESMTP id 92C3E7DB59F8; Mon, 23 Jan 2023 12:57:32 -0500 (EST)
Date: Mon, 23 Jan 2023 12:57:32 -0500
Message-ID: <5872c4eb-988c-f479-b633-1f6520b43e10@taugh.com>
From: John R Levine <johnl@taugh.com>
To: william@leibzon.org
Cc: spfbis@ietf.org
X-X-Sender: johnl@ary.qy
In-Reply-To: <e0e424a2dfc43060521f57df4e698299@leibzon.org>
References: <CADyWQ+FRgUPOC3OiMZ74kbD9Mn+r=Z51meY7uTZutfAJDr6ssQ@mail.gmail.com> <20230123031354.527A67D6DA86@ary.qy> <CADyWQ+EExQj2H4eL-VW39GM7zdF3CiCrgDJP7PSjzh0oddJpbw@mail.gmail.com> <e0e424a2dfc43060521f57df4e698299@leibzon.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spfbis/Zaq-BOmu-lBG_QOtxVomXMjNFX0>
Subject: Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lookup Count Inconsistencies
X-BeenThere: spfbis@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: SPFbis discussion list <spfbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spfbis>, <mailto:spfbis-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spfbis/>
List-Post: <mailto:spfbis@ietf.org>
List-Help: <mailto:spfbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spfbis>, <mailto:spfbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Jan 2023 17:57:46 -0000
> May be the more relevant question is would these large companies with many > MXs use "mx" in their SPF record? I agree that it's unlikely to find MX in any but the smallest mail systems, since it means they use the same host for inbound and outbound mail. > > ;; ANSWER SECTION: > comcast.net. 7200 IN TXT "v=spf1 ip4:96.103.146.48/28 > ip4:96.102.19.32/28 ip4:96.102.200.0/28 include:_spfv6.comcast.net > include:_spf.mdp.comcast.net ~all" > > efficient with precise and small ip block space for their mail servers > > ;; ANSWER SECTION: > yahoo.com. 1137 IN TXT > "_globalsign-domain-verification=8DPEanqC-w2Z26VeL5Sn4zBI7cZPCFqrNU5dMKMKeP" > yahoo.com. 1137 IN TXT > "google-site-verification=xoBvU6aKxP0gYgNL0iXqF0EccAg6nFrO7XxsHnc3iNQ" > yahoo.com. 1137 IN TXT > "google-site-verification=w4N2bNopAWw1xYrdXKORILxx-WW3_LIiyX6dIMIidgk" > yahoo.com. 1137 IN TXT > "google-site-verification=Z3-Vh6zqUMgybVH4wQl1GxKSKN7JE13kyCyeZ3TZZ-I" > yahoo.com. 1137 IN TXT "v=spf1 redirect=_spf.mail.yahoo.com" > yahoo.com. 1137 IN TXT "edb3bff2c0d64622a9b2250438277a59" > yahoo.com. 1137 IN TXT "Zoom=13284637" > yahoo.com. 1137 IN TXT > "facebook-domain-verification=gysqrcd69g0ej34f4jfn0huivkym1p" > yahoo.com. 1137 IN TXT > "google-site-verification=2b8irRvU5a2h4Mb-H_fdqNrqWjS00qmPfPcWqm8BhxI" > > What a horrific example of TXT record pollution, the door to which was opened > by SPF .... > > ;; ANSWER SECTION: > _spf.mail.yahoo.com. 1094 IN TXT "v=spf1 ptr:yahoo.com > ptr:yahoo.net ?all" > > On 2023-01-22 19:51, Tim Wicinski wrote: > >> I am always happy when I'm proven wrong. Thanks Mr. John. >> >> tim >> >> On Sun, Jan 22, 2023 at 10:13 PM John Levine <johnl@taugh.com> wrote: >> >>> It appears that Tim Wicinski <tjw.ietf@gmail.com> said: >>>> I also feel that technology stacks have matured over time. Jan, do you >>>> see >>>> real world examples of a domain with 11 MX servers? >>> >>> Well, there's Comcast: >>> >>> $ host -t mx comcast.net [1] >>> comcast.net [1] mail is handled by 50 mx1a1.comcast.net [2]. >>> comcast.net [1] mail is handled by 5 mx2.mxge.comcast.net [3]. >>> comcast.net [1] mail is handled by 50 mx2a1.comcast.net [4]. >>> comcast.net [1] mail is handled by 50 mx1c1.comcast.net [5]. >>> comcast.net [1] mail is handled by 5 mx1.mxge.comcast.net [6]. >>> comcast.net [1] mail is handled by 50 mx2c1.comcast.net [7]. >>> comcast.net [1] mail is handled by 50 mx1h1.comcast.net [8]. >>> comcast.net [1] mail is handled by 50 mx2h1.comcast.net [9]. >>> >>> And there's Yahoo, but its MX is only four lookups: >>> >>> $ host -t mx yahoo.com [10] >>> yahoo.com [10] mail is handled by 1 mta6.am0.yahoodns.net [11]. >>> yahoo.com [10] mail is handled by 1 mta7.am0.yahoodns.net [12]. >>> yahoo.com [10] mail is handled by 1 mta5.am0.yahoodns.net [13]. >>> >>> $ host mta5.am0.yahoodns.net [13]. >>> mta5.am0.yahoodns.net [13] has address 67.195.228.109 >>> mta5.am0.yahoodns.net [13] has address 98.136.96.76 >>> mta5.am0.yahoodns.net [13] has address 67.195.204.72 >>> mta5.am0.yahoodns.net [13] has address 67.195.204.79 >>> mta5.am0.yahoodns.net [13] has address 67.195.228.111 >>> mta5.am0.yahoodns.net [13] has address 98.136.96.77 >>> mta5.am0.yahoodns.net [13] has address 67.195.228.110 >>> mta5.am0.yahoodns.net [13] has address 98.136.96.91 >>> $ host mta6.am0.yahoodns.net [11]. >>> mta6.am0.yahoodns.net [11] has address 67.195.204.74 >>> mta6.am0.yahoodns.net [11] has address 98.136.96.76 >>> mta6.am0.yahoodns.net [11] has address 67.195.228.110 >>> mta6.am0.yahoodns.net [11] has address 67.195.204.79 >>> mta6.am0.yahoodns.net [11] has address 67.195.204.77 >>> mta6.am0.yahoodns.net [11] has address 67.195.228.111 >>> mta6.am0.yahoodns.net [11] has address 67.195.228.94 >>> mta6.am0.yahoodns.net [11] has address 98.136.96.77 >>> $ host mta7.am0.yahoodns.net [12]. >>> mta7.am0.yahoodns.net [12] has address 67.195.204.79 >>> mta7.am0.yahoodns.net [12] has address 67.195.204.77 >>> mta7.am0.yahoodns.net [12] has address 98.136.96.91 >>> mta7.am0.yahoodns.net [12] has address 67.195.228.111 >>> mta7.am0.yahoodns.net [12] has address 67.195.228.106 >>> mta7.am0.yahoodns.net [12] has address 67.195.228.94 >>> mta7.am0.yahoodns.net [12] has address 67.195.204.72 >>> mta7.am0.yahoodns.net [12] has address 98.136.96.77 >>> >>> And Charter: >>> >>> $ host -t mx charter.com [14] >>> charter.com [14] mail is handled by 10 nce.mail.chartercom.com [15]. >>> charter.com [14] mail is handled by 10 ncw.mail.chartercom.com [16]. >>> >>> $ host nce.mail.chartercom.com [15]. >>> nce.mail.chartercom.com [15] has address 142.136.234.134 >>> nce.mail.chartercom.com [15] has address 142.136.234.135 >>> nce.mail.chartercom.com [15] has address 142.136.234.136 >>> nce.mail.chartercom.com [15] has address 142.136.234.137 >>> nce.mail.chartercom.com [15] has address 142.136.234.138 >>> nce.mail.chartercom.com [15] has address 142.136.234.139 >>> nce.mail.chartercom.com [15] has address 142.136.234.142 >>> nce.mail.chartercom.com [15] has address 142.136.234.143 >>> nce.mail.chartercom.com [15] has address 142.136.234.144 >>> >>> $ host ncw.mail.chartercom.com [16]. >>> ncw.mail.chartercom.com [16] has address 142.136.235.134 >>> ncw.mail.chartercom.com [16] has address 142.136.235.135 >>> ncw.mail.chartercom.com [16] has address 142.136.235.136 >>> ncw.mail.chartercom.com [16] has address 142.136.235.137 >>> ncw.mail.chartercom.com [16] has address 142.136.235.138 >>> ncw.mail.chartercom.com [16] has address 142.136.235.139 >>> ncw.mail.chartercom.com [16] has address 142.136.235.142 >>> ncw.mail.chartercom.com [16] has address 142.136.235.143 >>> ncw.mail.chartercom.com [16] has address 142.136.235.144 >>> >>> I occasionally see spammy looking hosts with a lot >>> of MX'es but if their SPF checks fail, who cares. >>> >>> R's, >>> John >> >> _______________________________________________ >> spfbis mailing list >> spfbis@ietf.org >> https://www.ietf.org/mailman/listinfo/spfbis > > > Links: > ------ > [1] http://comcast.net > [2] http://mx1a1.comcast.net > [3] http://mx2.mxge.comcast.net > [4] http://mx2a1.comcast.net > [5] http://mx1c1.comcast.net > [6] http://mx1.mxge.comcast.net > [7] http://mx2c1.comcast.net > [8] http://mx1h1.comcast.net > [9] http://mx2h1.comcast.net > [10] http://yahoo.com > [11] http://mta6.am0.yahoodns.net > [12] http://mta7.am0.yahoodns.net > [13] http://mta5.am0.yahoodns.net > [14] http://charter.com > [15] http://nce.mail.chartercom.com > [16] http://ncw.mail.chartercom.com Regards, John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly
- [spfbis] RFC7208 4.6.4 Interpretation - MX Lookup… Mark Alley
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Mark Alley
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Mark Alley
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Scott Kitterman
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Mark Alley
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Jan Schaumann
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Jan Schaumann
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Scott Kitterman
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Jan Schaumann
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Scott Kitterman
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Tim Wicinski
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… John Levine
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Tim Wicinski
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Jan Schaumann
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… william
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… John R Levine
- Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lo… Klaus Frank