blog.iloaf.com » eBay, Paypal and their SPF own goal!

Posted on September 17, 2007 by Chris @ 8:26 am

Trying to research a few errors in my maillog relating to spf revealed an own goal by the top pished company in the world.
Taken from the de-facto SPF implemetation:
"use constant default_max_dns_interactive_terms => 10; # RFC 4408, 10.1/6 "

10 interactive terms. Ten is the default, because SPF is supposed to be a “light check”.

With eBay/PayPals current deployment of SPF they have scored an own goal. Its so complicated that it does not conform to the RFC and fails (in the defacto implementation) with a permanent error.

Take a quick look at why is fails the 10 record test:

mx
include:s._spf.ebay.com
include:m._spf.ebay.com
include:p._spf.ebay.com
include:c._spf.ebay.com

s._spf.ebay.com
ip4:66.135.209.192/27
ip4:66.135.197.0/27
ip4:64.4.240.64/27
ip4:64.4.244.64/27
ip4:66.211.161.0/25

m._spf.ebay.com
ip4:66.135.215.224/27
ip4:216.33.244.96/27
ip4:216.33.244.84

p._spf.ebay.com
ip4:67.72.99.26
ip4:206.165.246.83
ip4:206.165.246.84
ip4:206.165.246.85
ip4:206.165.246.86
ip4:64.127.115.252
ip4:194.64.234.129/27
include:p2._spf.ebay.com

p2._spf.ebay.com
ip4:65.110.161.77
ip4:204.13.11.49
ip4:204.13.11.51
include:liveworld.com
include:emarsys.net

liveworld.com
a:mail.liveworld.com
a:smtp.liveworld.com
a:mail.mccmedia.com
mx:smtp.liveworld.com
a:sjc.liveworld.com
ip4:63.80.14.0/23
ip4:208.64.132.0/22
-all (wow)

emarsys.net
ip4:81.223.46.25
ip4:81.223.46.26
ip4:81.223.46.27
ip4:81.223.46.28
ip4:81.223.46.29
ip4:81.223.46.30
ip4:81.223.46.10
ip4:81.223.46.11
ip4:81.223.46.12
ip4:81.223.46.13

c._spf.ebay.com
ip4:12.155.144.75
ip4:62.22.61.131
ip4:63.104.149.126
ip4:64.68.79.253
ip4:64.94.204.222
ip4:66.135.215.134
ip4:67.72.12.29
ip4:193.28.178.23
ip4:193.28.178.24
include:c2._spf.ebay.com

c2._spf.ebay.com
ip4:80.93.9.10
ip4:195.234.136.12
ip4:203.49.69.114
ip4:209.63.28.11
ip4:210.80.80.136
ip4:212.110.10.2
ip4:212.147.136.123
include:c3._spf.ebay.com

c3._spf.ebay.com
ip4:213.219.8.227
ip4:216.113.168.128
ip4:216.113.175.128
ip4:216.177.178.3
ip4:217.149.33.234
ip4:220.248.6.124
ip4:67.72.12.30
include:c4._spf.ebay.com

c4._spf.ebay.com
ip4:216.113.188.112
ip4:80.66.137.58
ip4:212.208.64.34
ip4:216.113.188.96
ip4:216.33.244.6
ip4:216.33.244.7
ip4:63.80.14.17
ip4:216.113.175.152
ip4:216.113.175.153

Pheww.. Do you think that’s more than 10 entries? No wonder it’s not helping

[X] Your infrastructure is too complicated.
[X] You have more money (and networks) than …......
[X] Your good intentions went to waste.
[X] Your using a ~all record when your business dictates -all.

/* */

Filed under: ~/
Comments:

This is a j.u.n.k.m.a.i.l. t.r.a.p. - please ignore. From bawg twap blogsnow.com Technorati Profile

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

No Comments »

Leave a comment

Geeks

µblog