On 2013-01-31 12:59 , Markus Wild wrote: [..]
I'm not in charge of these servers, so unfortunately I can't give you the concrete IP addresses. Just shows once more, that SPF is broken by design.
SPF is broken in different ways, but this could have been done perfectly fine with SPF by using an include/redirect statement, see examples used by millions below (and note the cool 'netblocks6' ;).
Of course that would have meant that the original hoster (Swisscom in this case) published that information... maybe that is something to offer customers!? :)
Greets, Jeroen
--
$ dig +short google.com txt "v=spf1 include:_netblocks.google.com include:_netblocks6.google.com ip4:216.73.93.70/31 ip4:216.73.93.72/31 ~all"
$ dig +short gmail.com txt "v=spf1 redirect=_spf.google.com"