Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. SPF>
  3. Help
SPF too many addresses
pcloutier at progenygenealogy
Apr 3, 2010, 3:18 PM
Post #1 of 2 (1667 views)
Permalink
How does one deal with the situation where the total number of
'mechanisms' (address references) is greater than the maximum allowed
(ten), because an 'include:' domain itself refers to many addresses?

Example: I have a few a: and mx: entries in my SPF, plus I have:
include:sgizmo.com
This site has eleven SPF entries:
sgizmo.com [11]
v=spf1 a mx ip4:74.63.152.14 ip4:66.135.42.39 ip4:74.63.152.17
ip4:66.135.42.16 ip4:216.150.9.227 ip4:76.74.152.71
ip4:216.150.11.187 include:emailsrvr.com include:support.zendesk.com ~all
Basically my goose is cooked. I understand why the number of address
references has to be limited to avoid a DoS, but in order to be
useable in real-life situations, SPF has to allow for a large number
of servers.

Even if the above addresses could be consolidated with a clever mask,
I doubt I'll get very far convincing SurveyGizmo to change their SPF.
Plus, that's just one of the ESPs I deal with, there are more.

Is there a solution to this?

Pierre


Progeny Genealogy Inc.
www.progenygenealogy.com
+1 902 681-3102
"Visual analysis and presentation tools"


-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]

Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com
Re: SPF too many addresses [ In reply to ]
rob.macgregor at gmail
Apr 3, 2010, 3:45 PM
Post #2 of 2 (1634 views)
Permalink
On Sat, Apr 3, 2010 at 23:18, Pierre Clouthier
<pcloutier@progenygenealogy.com> wrote:
> How does one deal with the situation where the total number of 'mechanisms'
> (address references) is greater than the maximum allowed (ten), because an
> 'include:' domain itself refers to many addresses?
>
> Example: I have a few a: and mx: entries in my SPF, plus I have:

You already have the IP of the a record listed, so drop that. Drop
the mx entry since you're already including the IP ranges with the
include:emailsrvr.com entry. Finally, support.zendesk.com has no SPF
record, which is probably the cause of your problems.

In short, try instead:

v=spf1 ip4:74.63.152.14 ip4:66.135.42.39 ip4:74.63.152.17
ip4:66.135.42.16 ip4:216.150.9.227 ip4:76.74.152.71 ip4:216.150.11.187
include:emailsrvr.com ~all

--
Please keep list traffic on the list.

Rob MacGregor
Whoever fights monsters should see to it that in the process he
doesn't become a monster. Friedrich Nietzsche


-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]

Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal