SPF +all mechanism should not be used at survol.me

Question

SPF +all mechanism should not be used at survol.me

Opened this issue 2 years ago · 0 comments

A quick dig command dig survol.me TXT +short outputs "v=spf1 +all".

Page 54 of RFC 7208 shows this is an all-inclusive mechanism allowing all IP addresses to pass the SPF check. In simple terms, it means malicious actors could spam on behalf of your domain name and therefore negatively affect domain reputation.