https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8280
Bug ID: 8280 Summary: spf fails if too much DNS TXT data Product: Spamassassin Version: 4.0.0 Hardware: PC OS: Windows 10 Status: NEW Severity: normal Priority: P2 Component: Plugins Assignee: dev@spamassassin.apache.org Reporter: herrin-spamassas...@dirtside.com Target Milestone: Undefined Created attachment 5967 --> https://bz.apache.org/SpamAssassin/attachment.cgi?id=5967&action=edit sample failing email message In a message with: Return-Path: <donotre...@overdrive.com> Spamassasin reported: 0.0 SPF_NONE SPF: sender does not publish an SPF Record However, "dig TXT overdrive.com |grep spf" reported: overdrive.com. 641 IN TXT "v=spf1 ip4:207.54.136.3 ip4:207.54.136.2 ip4:207.54.136.4 include:_spf.salesforce.com include:sendgrid.net include:app.sgizmo.com include:spf.protection.outlook.com include:cust-spf.exacttarget.com -all" I did further testing to understand why. I changed the Return path line to a locally controlled domain of mine and added overdrive's SPF record. This worked. I then added all of the DNS TXT records overdrive publishes. Spamassassin reverted to the failure behavior. By adding and deleting TXT records unrelated to SPF, I determined that when there are more than around 1000 bytes of TXT content, the Spamassassin results change from: -0.0 SPF_PASS SPF: sender matches SPF record to: 0.0 SPF_NONE SPF: sender does not publish an SPF Record -- You are receiving this mail because: You are the assignee for the bug.