Hi, On a somewhat related note, I just noticed one of our customers have listed spf.protection.outlook.com in their SPF record:
bestwesternnwcc.com. 600 IN TXT "v=spf1 include:spf.protection.outlook.com -all" Doesn't this amount to thousands of IP addresses that could conceivably be used to spoof any other domain that's "hosted" using one of those IPs? This is apparently the recommended config according to MS: https://technet.microsoft.com/en-us/library/dn789058(v=exchg.150).aspx > I'll have that son of a bitch eating out of dumpsters in less than > two years. -- MS CEO Steve Ballmer, on RedHat CEO Matt Szulik omg, that's hilarious.
