Hacker News new | past | comments | ask | show | jobs | submit login

Telus has this entry:

    exists:CL.%{i}.FR.%{l}.F2.%{o}.spf.nssi.telus.com
Reading RFC 7208, that would be expanded to

    exists:CL.69.64.35.11.FR.reply.F2.telus.com.spf.nssi.telus.com
which means if that any record exists at that name, it will pass.

    dig +short cl.69.64.35.11.fr.reply.f2.telus.com.spf.nssi.telus.com
    127.0.0.1
trying a few other values, it seems that telus.com is saying ALL IP addresses are allowed to send for it.



It seems like everything in the zone "spf.nssi.telus.com" resolves, regardless of further DNS labels. So yeah, I'd say every host with any IP is allowed to send mails as anything from telus.com. That's a bit unsettling.


They appear to have quitely fixed it.


Indeed, the DNS records are gone. They had a tweet[1] 1 hour or 2 ago how they are working on it. I guess someone got phoned on his sunday to fix it. I'm hoping for a further update from their side what happened.

1: https://twitter.com/TELUSsupport/status/988060048843657216




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: