If you receive email from Google either google.com, gmail.com or the myriad of domains hosted by Google eg Google Apps Premier, you can use the published SPF records to preventing unauthorised spoofing.
To find the current SPF record you can do
- $ dig txt _spf.google.com
- ;; QUESTION SECTION:
;_spf.google.com. IN TXT
;; ANSWER SECTION:
_spf.google.com. 300 IN TXT "v=spf1 ip4:216.239.32.0/19 ip4:64.233.160.0/19 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:209.85.128.0/17 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ip4:64.18.0.0/20 ip4:207.126.144.0/20 ?all"
It is not possible by the way for a Google Apps customer on one domain to impersonate (ie spoof) another, since the backend email system prevents this.
Posts
0 comments:
Post a Comment