Not directly related, but how do people feel about those mail-as-a-service
providers who basically hide their mixed bag of legitimate and abusive
customers behind anonymous names? My old-school thinking is that I want to know
who I'm talking to (or rather, who's mailserver my mailserver is talking to).
Is this completely outdated?
Cheers,
Hans-Martin
Am 17. Juni 2025 11:10:17 schrieb sebastian via mailop <mailop@mailop.org>:
> Anyone that knows how to get in touch with the admins on iphmx.com?
>
> Getting a lot of incoming SPF rejects on iphmx.com (mail destined for me, but
> rejected because sender SPF is faulty) - who owns that server?
>
> The thing is that iphmx.com seems to be a MaaS infrastructure who tells
> clients to use exists: as SPF records.
>
> Like: exists:%{i}.spf.hc2347-76.eu.ipmx.com
>
> One example:
>
> 23.90.102.86.spf.hc2437-76.eu.iphmx.com
>
> The problem is that these resolve to a private IP (172.0.0.2) which causes
> SPF failures due to DNS rebinding protection. Returning private IP adresses
> for external use is a big no-no.
>
> Works well for DNSBLs because in those situations its easy to configure a
> exception for the DNSBL server. Not so easy to configure an exception for all
> SPFes.
>
> Recommended DNS configuration change:
> Have the A record return its own IP:
>
> 23.90.102.86.spf.hc2437-76.eu.iphmx.com IN A 23.90.102.86
>
>
> Best regards, Sebastian Nielsen, owner of sebbe.eu
> _______________________________________________
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
