I came across some spam in my inbox today. This company was pushing pump-and-dump stock spam for a medical company. I saw that the company passed an SPF check. That’s odd, I thought. A spammer passing an SPF check? So, I decided to check out the SPF records:
dig txt watammatau.com
;; ANSWER SECTION:
watammatau.com. 1800 IN TXT “v=spf1 +all
Sure enough, this spammer has set up a site and complied with SPF; they’ve set up a record simply for the sake of setting up a record. Not that it helps them or anything, but it looks like they’ve set up a record for the sake of setting up a record.