ncta.com Lookup - SPF-Record

Evaluation for the domain ncta.com

Nameserverset:

ns1.dnsimple.com
ns2.dnsimple.com
ns3.dnsimple.com
ns4.dnsimple.com

Determined SPF record:

v=spf1 ip4:209.23.210.34 ip4:209.23.210.232 ip4:209.23.210.233 ip4:209.23.210.35 ip4:74.209.251.23 ip4:40.117.210.108 ip4:20.231.203.157 ip4:209.23.210.200 ip4:20.163.173.238 ip4:104.211.38.185 ip4:172.174.155.237 include:spf.protection.outlook.com include:spf.mandrillapp.com include:spf-2248456.jmsend.com include:sparkpostmail.com -all

v=spf1 ip4:209.23.210.34 ip4:209.23.210.232 ip4:209.23.210.233 ip4:209.23.210.35 ip4:74.209.251.23 ip4:40.117.210.108 ip4:20.231.203.157 ip4:209.23.210.200 ip4:20.163.173.238 ip4:104.211.38.185 ip4:172.174.155.237 include:spf.protection.outlook.com include:spf.mandrillapp.com include:spf-2248456.jmsend.com include:sparkpostmail.com  -all

SPF Send

Legitimated IP addresses:

40 IP addresses found

IP	Provider / ASN	DNSBL-Check
209.23.210.34	NCTA-WASHINGTONDC	blacklist
209.23.210.232	NCTA-WASHINGTONDC	blacklist
209.23.210.233	NCTA-WASHINGTONDC	blacklist
209.23.210.35	NCTA-WASHINGTONDC	blacklist
74.209.251.23	DATABANK-DFW	blacklist
40.117.210.108	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
20.231.203.157	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
209.23.210.200	NCTA-WASHINGTONDC	blacklist
20.163.173.238	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
104.211.38.185	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
172.174.155.237	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
40.92.0.0/15	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
40.107.0.0/16	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
52.100.0.0/14	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
104.47.0.0/17	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
2a01:111:f400::/48	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
2a01:111:f403::/49	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
2a01:111:f403:8000::/51	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
2a01:111:f403:c000::/51	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
2a01:111:f403:f000::/52	MICROSOFT-CORP-MSN-AS-BLOCK	blacklist
198.2.128.0/24	THEROCKETSCIENCEGROUP	blacklist
198.2.132.0/22	THEROCKETSCIENCEGROUP	blacklist
198.2.136.0/23	THEROCKETSCIENCEGROUP	blacklist
198.2.145.0/24	THEROCKETSCIENCEGROUP	blacklist
198.2.186.0/23	THEROCKETSCIENCEGROUP	blacklist
205.201.131.128/25	THEROCKETSCIENCEGROUP	blacklist
205.201.134.128/25	THEROCKETSCIENCEGROUP	blacklist
205.201.136.0/23	THEROCKETSCIENCEGROUP	blacklist
205.201.139.0/24	THEROCKETSCIENCEGROUP	blacklist
198.2.177.0/24	THEROCKETSCIENCEGROUP	blacklist
198.2.178.0/23	THEROCKETSCIENCEGROUP	blacklist
198.2.180.0/24	THEROCKETSCIENCEGROUP	blacklist
74.63.218.226	LIMESTONENETWORKS	blacklist
216.75.6.200	CARINET	blacklist
64.31.50.128/25	LIMESTONENETWORKS	blacklist
63.143.55.128/25	LIMESTONENETWORKS	blacklist
69.162.99.140	LIMESTONENETWORKS	blacklist
64.31.8.108	LIMESTONENETWORKS	blacklist
64.31.8.114	LIMESTONENETWORKS	blacklist
64.79.65.180	ENET-2	blacklist

SPF-Syntax Check:

Syntax check passed: 0 error

(ncta.com → sparkpostmail.com) Mechanisms of SPF-Record are valid

OK for 'v' -> 'spf1'

Correct syntax for 'exists' -> '%{i}._spf.sparkpostmail.com'.

OK for 'all' -> '~'

(ncta.com → sparkpostmail.com) The SPF consists of a permissible character set.

The SPF record of sparkpostmail.com contains valid characters.

(ncta.com → spf-2248456.jmsend.com) Mechanisms of SPF-Record are valid

OK for 'v' -> 'spf1'

OK for 'ip4' -> '74.63.218.226'

OK for 'ip4' -> '216.75.6.200'

OK for 'ip4' -> '64.31.50.128/25'

OK for 'ip4' -> '63.143.55.128/25'

OK for 'ip4' -> '69.162.99.140'

OK for 'ip4' -> '64.31.8.108'

OK for 'ip4' -> '64.31.8.114'

OK for 'ip4' -> '64.79.65.180'

OK for 'all' -> '-'

(ncta.com → spf-2248456.jmsend.com) The SPF consists of a permissible character set.

The SPF record of spf-2248456.jmsend.com contains valid characters.

(ncta.com → spf.mandrillapp.com) Mechanisms of SPF-Record are valid

OK for 'v' -> 'spf1'

OK for 'ip4' -> '198.2.128.0/24'

OK for 'ip4' -> '198.2.132.0/22'

OK for 'ip4' -> '198.2.136.0/23'

OK for 'ip4' -> '198.2.145.0/24'

OK for 'ip4' -> '198.2.186.0/23'

OK for 'ip4' -> '205.201.131.128/25'

OK for 'ip4' -> '205.201.134.128/25'

OK for 'ip4' -> '205.201.136.0/23'

OK for 'ip4' -> '205.201.139.0/24'

OK for 'ip4' -> '198.2.177.0/24'

OK for 'ip4' -> '198.2.178.0/23'

OK for 'ip4' -> '198.2.180.0/24'

OK for 'all' -> '~'

(ncta.com → spf.mandrillapp.com) The SPF consists of a permissible character set.

The SPF record of spf.mandrillapp.com contains valid characters.

(ncta.com → spf.protection.outlook.com) Mechanisms of SPF-Record are valid

OK for 'v' -> 'spf1'

OK for 'ip4' -> '40.92.0.0/15'

OK for 'ip4' -> '40.107.0.0/16'

OK for 'ip4' -> '52.100.0.0/14'

OK for 'ip4' -> '104.47.0.0/17'

OK for 'ip6' -> '2a01:111:f400::/48'

OK for 'ip6' -> '2a01:111:f403::/49'

OK for 'ip6' -> '2a01:111:f403:8000::/51'

OK for 'ip6' -> '2a01:111:f403:c000::/51'

OK for 'ip6' -> '2a01:111:f403:f000::/52'

OK for 'all' -> '-'

(ncta.com → spf.protection.outlook.com) The SPF consists of a permissible character set.

The SPF record of spf.protection.outlook.com contains valid characters.

(ncta.com) Mechanisms of SPF-Record are valid

OK for 'v' -> 'spf1'

OK for 'ip4' -> '20.163.173.238'

OK for 'include' -> 'sparkpostmail.com'

OK for 'include' -> 'spf-2248456.jmsend.com'

OK for 'include' -> 'spf.mandrillapp.com'

OK for 'include' -> 'spf.protection.outlook.com'

OK for 'ip4' -> '172.174.155.237'

OK for 'ip4' -> '104.211.38.185'

OK for 'ip4' -> '209.23.210.200'

OK for 'ip4' -> '209.23.210.34'

OK for 'ip4' -> '20.231.203.157'

OK for 'ip4' -> '40.117.210.108'

OK for 'ip4' -> '74.209.251.23'

OK for 'ip4' -> '209.23.210.35'

OK for 'ip4' -> '209.23.210.233'

OK for 'ip4' -> '209.23.210.232'

OK for 'all' -> '-'

(ncta.com) The DNS lookup limit was not exceeded.

The limit was not exceeded:

1: ncta.com include:spf.protection.outlook.com
2: ncta.com include:spf.mandrillapp.com
3: ncta.com include:spf-2248456.jmsend.com
4: ncta.com include:sparkpostmail.com

(ncta.com) The SPF consists of a permissible character set.

The SPF record of ncta.com contains valid characters.

Analysis result of the SPF record for the domain: ncta.com

SPF record available?

We found an SPF record for the domain.

v=spf1

Additionally authorized IPv4 addresses

Explicit IPv4 addresses in the SPF record have been authorized to send

209.23.210.34
209.23.210.232
209.23.210.233
209.23.210.35
74.209.251.23
40.117.210.108
20.231.203.157
209.23.210.200
20.163.173.238
104.211.38.185
172.174.155.237

Additional external SPF records

We could find other records authorized in the SPF record

➥

include:spf.protection.outlook.com

v=spf1 ip4:40.92.0.0/15 ip4:40.107.0.0/16 ip4:52.100.0.0/14 ip4:104.47.0.0/17 ip6:2a01:111:f400::/48 ip6:2a01:111:f403::/49 ip6:2a01:111:f403:8000::/51 ip6:2a01:111:f403:c000::/51 ip6:2a01:111:f403:f000::/52 -all

ipv4:

40.92.0.0/15

ipv4:

40.107.0.0/16

ipv4:

52.100.0.0/14

ipv4:

104.47.0.0/17

ipv6:

2a01:111:f400::/48

ipv6:

2a01:111:f403::/49

ipv6:

2a01:111:f403:8000::/51

ipv6:

2a01:111:f403:c000::/51

ipv6:

2a01:111:f403:f000::/52

➥

include:spf.mandrillapp.com

v=spf1 ip4:198.2.128.0/24 ip4:198.2.132.0/22 ip4:198.2.136.0/23 ip4:198.2.145.0/24 ip4:198.2.186.0/23 ip4:205.201.131.128/25 ip4:205.201.134.128/25 ip4:205.201.136.0/23 ip4:205.201.139.0/24 ip4:198.2.177.0/24 ip4:198.2.178.0/23 ip4:198.2.180.0/24 ~all

ipv4:

198.2.128.0/24

ipv4:

198.2.132.0/22

ipv4:

198.2.136.0/23

ipv4:

198.2.145.0/24

ipv4:

198.2.186.0/23

ipv4:

205.201.131.128/25

ipv4:

205.201.134.128/25

ipv4:

205.201.136.0/23

ipv4:

205.201.139.0/24

ipv4:

198.2.177.0/24

ipv4:

198.2.178.0/23

ipv4:

198.2.180.0/24

➥

include:spf-2248456.jmsend.com

v=spf1 ip4:74.63.218.226 ip4:216.75.6.200 ip4:64.31.50.128/25 ip4:63.143.55.128/25 ip4:69.162.99.140 ip4:64.31.8.108 ip4:64.31.8.114 ip4:64.79.65.180 -all

ipv4:

74.63.218.226

ipv4:

216.75.6.200

ipv4:

64.31.50.128/25

ipv4:

63.143.55.128/25

ipv4:

69.162.99.140

ipv4:

64.31.8.108

ipv4:

64.31.8.114

ipv4:

64.79.65.180

➥

include:sparkpostmail.com

v=spf1 exists:%{i}._spf.sparkpostmail.com ~all

E-Mail handling

How should the checkHost() function of the e-mail server handle the e-mail? (syntax )

-all
Fail (non-compliant e-mails are rejected)

Unknown mechanisms

Unknown mechanisms were found in the SPF record

Will be forwarded to another SPF record?

There is no reference to any other SPF record

Are the server addresses allowed to send e-mails?

In the SPF entry the mechanism 'a' has not been set.

Additionally authorized A-records?

In addition to the A-Records stored in the DNS, we could not find any other records authorized in the SPF-Record.

Are the registered mail servers allowed to send e-mails?

In the SPF entry the mechanism 'mx' has not been set

Additionally authorized MX records

We could not find any other records authorized in the SPF record besides the MX records stored in the DNS

Additionally authorized IPv6 addresses

No explicit IPv6 addresses in the SPF record have been authorised to send

How is the sender informed?

The exp mechanism acts as a return to the sender if the IP address was not authorized to send and notify them. None was found.

PTR (obsolete mechanism)

The ptr mechanism is deprecated, slow and insecure and should not be used

PTR:

The ptr mechanism is deprecated, slow and insecure and should not be used

Authorize IP addresses with markers

When SPF is evaluated, macros can specifically authorize Ip addresses based on the request or connection of the user or client (RFC7208 )

Receiver address

analysis.ra-missing

Amount of reports

analysis.rp-missing

Report selection

analysis.rr-missing

SPF Check:
ncta.com

1. Specify domain name

2. Specify IP address (optional)

What is the SPF lookup for?

SPF check passed

Evaluation for the domain ncta.com

Recently performed SPF lookups

How secure is your domain?

SPF Check: ncta.com

1. Specify domain name

2. Specify IP address (optional)

What is the SPF lookup for?

SPF check passed

Evaluation for the domain ncta.com

Recently performed SPF lookups

How secure is your domain?

SPF Check:
ncta.com