https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8280

            Bug ID: 8280
           Summary: spf fails if too much DNS TXT data
           Product: Spamassassin
           Version: 4.0.0
          Hardware: PC
                OS: Windows 10
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Plugins
          Assignee: dev@spamassassin.apache.org
          Reporter: herrin-spamassas...@dirtside.com
  Target Milestone: Undefined

Created attachment 5967
  --> https://bz.apache.org/SpamAssassin/attachment.cgi?id=5967&action=edit
sample failing email message

In a message with:
Return-Path: <donotre...@overdrive.com>

Spamassasin reported:
 0.0 SPF_NONE               SPF: sender does not publish an SPF Record

However, "dig TXT overdrive.com |grep spf" reported:
overdrive.com.          641     IN      TXT     "v=spf1 ip4:207.54.136.3
ip4:207.54.136.2 ip4:207.54.136.4 include:_spf.salesforce.com
include:sendgrid.net include:app.sgizmo.com include:spf.protection.outlook.com
include:cust-spf.exacttarget.com -all"

I did further testing to understand why. I changed the Return path line to
a locally controlled domain of mine and added overdrive's SPF record. This
worked. I then added all of the DNS TXT records overdrive publishes.
Spamassassin reverted to the failure behavior.

By adding and deleting TXT records unrelated to SPF, I determined that
when there are more than around 1000 bytes of TXT content, the Spamassassin
results change from:
-0.0 SPF_PASS               SPF: sender matches SPF record

to:
 0.0 SPF_NONE               SPF: sender does not publish an SPF Record

-- 
You are receiving this mail because:
You are the assignee for the bug.

Reply via email to