IETF Logo Mail Archive

Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lookup Count Inconsistencies

John Levine <johnl@taugh.com> Mon, 23 January 2023 03:14 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: spfbis@ietfa.amsl.com
Delivered-To: spfbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5346AC14F72D for <spfbis@ietfa.amsl.com>; Sun, 22 Jan 2023 19:14:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.148
X-Spam-Level:
X-Spam-Status: No, score=-4.148 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b="lRmKFTKq"; dkim=pass (2048-bit key) header.d=taugh.com header.b="m1mw2qt0"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j8sB4I1mkjSp for <spfbis@ietfa.amsl.com>; Sun, 22 Jan 2023 19:14:13 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A7A6BC151707 for <spfbis@ietf.org>; Sun, 22 Jan 2023 19:13:58 -0800 (PST)
Received: (qmail 87299 invoked from network); 23 Jan 2023 03:13:55 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=15500.63cdfb73.k2301; bh=65Xny+dCJrhZyFPgv2Gp1fo+6XQx5w5ssPjYpu/QgY4=; b=lRmKFTKq1IFye0f2bD2BBOBBS4HWk0tgM41RUH9IjI9QKT9BOStifB1GDrNoQMUOrVjJvZ8h0ZBQGJQhosu3M/EHZemvuUr5c3gLXfri91pPVldEfmBmakUuW2AZBsz0f6MqI0qFUvmpRIMeMyxs7YaExDTEfJv9zusU52dTGE+rxxgtdKuY6n7/Z0EmPC+TVLkO3ziDRDAXj9qXl+9I1DRwh8j2uldSgMPbSsdVM7AjvfgN5jHd9Etzdc9/1CrSPfKOcFbCsNzAGT/vv4Ozc7fe5XvnHYoU/+M8c220pIrwwuj5ziAkQ3fYp/giGT8fE9KwpVG2NT/97ijmPpsmJw==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=15500.63cdfb73.k2301; bh=65Xny+dCJrhZyFPgv2Gp1fo+6XQx5w5ssPjYpu/QgY4=; b=m1mw2qt0mUl/UIsO+jj/2Po+upbeDdDAp+jGEFftlqZxIrZmaKvfsSi1Vjd5P/JqQCR9t0Pqb6Q6kxcCYsCQdXZCBZqEvoTdwbgjG67K9tr5RDHXOocm6pWylygZRCMyZIOueSRyKkdbdQ4KjU8KnWXrHFdCUcEA9QGFG8qo/yGCgMBjiSdeeccaZ73tUtwR24Ple969RHvoY0NNUCByG+FiRda28FU8vlLd1Za9e59vozgWHclpidRmmy6LSD9GfX/miP2AF/Q+EZ+xNq8uxZvFcIzo4gIU+wCmt6dypIgNNW8y7spSEvvCr7Syk4oE562EKylQpUgn0RPpfsYyeQ==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 23 Jan 2023 03:13:55 -0000
Received: by ary.qy (Postfix, from userid 501) id 527A67D6DA86; Sun, 22 Jan 2023 22:13:54 -0500 (EST)
Date: Sun, 22 Jan 2023 22:13:54 -0500
Message-Id: <20230123031354.527A67D6DA86@ary.qy>
From: John Levine <johnl@taugh.com>
To: spfbis@ietf.org
Cc: tjw.ietf@gmail.com
In-Reply-To: <CADyWQ+FRgUPOC3OiMZ74kbD9Mn+r=Z51meY7uTZutfAJDr6ssQ@mail.gmail.com>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/spfbis/zBpFUhQJQZmp8i4o7Joq-wt6dSo>
Subject: Re: [spfbis] RFC7208 4.6.4 Interpretation - MX Lookup Count Inconsistencies
X-BeenThere: spfbis@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: SPFbis discussion list <spfbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spfbis>, <mailto:spfbis-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spfbis/>
List-Post: <mailto:spfbis@ietf.org>
List-Help: <mailto:spfbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spfbis>, <mailto:spfbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Jan 2023 03:14:18 -0000

It appears that Tim Wicinski  <tjw.ietf@gmail.com> said:
>I also feel that technology stacks have matured over time.  Jan, do you see
>real world examples of a domain with 11 MX servers? 

Well, there's Comcast:

$ host -t mx comcast.net
comcast.net mail is handled by 50 mx1a1.comcast.net.
comcast.net mail is handled by 5 mx2.mxge.comcast.net.
comcast.net mail is handled by 50 mx2a1.comcast.net.
comcast.net mail is handled by 50 mx1c1.comcast.net.
comcast.net mail is handled by 5 mx1.mxge.comcast.net.
comcast.net mail is handled by 50 mx2c1.comcast.net.
comcast.net mail is handled by 50 mx1h1.comcast.net.
comcast.net mail is handled by 50 mx2h1.comcast.net.

And there's Yahoo, but its MX is only four lookups:

$ host -t mx yahoo.com
yahoo.com mail is handled by 1 mta6.am0.yahoodns.net.
yahoo.com mail is handled by 1 mta7.am0.yahoodns.net.
yahoo.com mail is handled by 1 mta5.am0.yahoodns.net.

$ host mta5.am0.yahoodns.net.
mta5.am0.yahoodns.net has address 67.195.228.109
mta5.am0.yahoodns.net has address 98.136.96.76
mta5.am0.yahoodns.net has address 67.195.204.72
mta5.am0.yahoodns.net has address 67.195.204.79
mta5.am0.yahoodns.net has address 67.195.228.111
mta5.am0.yahoodns.net has address 98.136.96.77
mta5.am0.yahoodns.net has address 67.195.228.110
mta5.am0.yahoodns.net has address 98.136.96.91
$ host mta6.am0.yahoodns.net.
mta6.am0.yahoodns.net has address 67.195.204.74
mta6.am0.yahoodns.net has address 98.136.96.76
mta6.am0.yahoodns.net has address 67.195.228.110
mta6.am0.yahoodns.net has address 67.195.204.79
mta6.am0.yahoodns.net has address 67.195.204.77
mta6.am0.yahoodns.net has address 67.195.228.111
mta6.am0.yahoodns.net has address 67.195.228.94
mta6.am0.yahoodns.net has address 98.136.96.77
$ host mta7.am0.yahoodns.net.
mta7.am0.yahoodns.net has address 67.195.204.79
mta7.am0.yahoodns.net has address 67.195.204.77
mta7.am0.yahoodns.net has address 98.136.96.91
mta7.am0.yahoodns.net has address 67.195.228.111
mta7.am0.yahoodns.net has address 67.195.228.106
mta7.am0.yahoodns.net has address 67.195.228.94
mta7.am0.yahoodns.net has address 67.195.204.72
mta7.am0.yahoodns.net has address 98.136.96.77

And Charter:

$ host -t mx charter.com
charter.com mail is handled by 10 nce.mail.chartercom.com.
charter.com mail is handled by 10 ncw.mail.chartercom.com.

$ host nce.mail.chartercom.com.
nce.mail.chartercom.com has address 142.136.234.134
nce.mail.chartercom.com has address 142.136.234.135
nce.mail.chartercom.com has address 142.136.234.136
nce.mail.chartercom.com has address 142.136.234.137
nce.mail.chartercom.com has address 142.136.234.138
nce.mail.chartercom.com has address 142.136.234.139
nce.mail.chartercom.com has address 142.136.234.142
nce.mail.chartercom.com has address 142.136.234.143
nce.mail.chartercom.com has address 142.136.234.144

$ host ncw.mail.chartercom.com.
ncw.mail.chartercom.com has address 142.136.235.134
ncw.mail.chartercom.com has address 142.136.235.135
ncw.mail.chartercom.com has address 142.136.235.136
ncw.mail.chartercom.com has address 142.136.235.137
ncw.mail.chartercom.com has address 142.136.235.138
ncw.mail.chartercom.com has address 142.136.235.139
ncw.mail.chartercom.com has address 142.136.235.142
ncw.mail.chartercom.com has address 142.136.235.143
ncw.mail.chartercom.com has address 142.136.235.144

I occasionally see spammy looking hosts with a lot
of MX'es but if their SPF checks fail, who cares.

R's,
John

v2.23.0 | Report a Bug | By Email