Le 30/09/2019 15:55, gil...@poolp.org a écrit :
I'd like to bring native support for SPF in OpenSMTPD in a future
but for this I need a bit of help to make sure my SPF resolver works
I have created a repository with a standalone executable that performs
SPF lookup and checks if an IP address is allowed to send on behalf of
If you could test and report issues, it would be nice,
As much as I can understand it, recursion seem to not work.
# dig -t TXT carnat.net
carnat.net. 14314 IN TXT "v=spf1 mx -all"
# ./spf carnat.net 188.8.131.52
checking if 184.108.40.206 can send for carnat.net: pass
# ./spf carnat.net 220.127.116.11
checking if 18.104.22.168 can send for carnat.net: fail
Not fully working example:
# dig -t TXT outlook.com
outlook.com. 600 IN TXT "v=spf1
include:spf-a.outlook.com include:spf-b.outlook.com ip4:22.214.171.124/25
include:_spf-ssg-b.microsoft.com include:_spf-ssg-c.microsoft.com ~all"
# ./spf outlook.com 126.96.36.199
checking if 188.8.131.52 can send for outlook.com: EXISTS: 0
# dig -t TXT spf-a.hotmail.com
spf-a.hotmail.com. 3600 IN TXT "v=spf1
ip4:184.108.40.206/26 ip4:220.127.116.11/26 ip4:18.104.22.168/25
ip4:22.214.171.124/24 ip4:126.96.36.199/26 ip4:188.8.131.52/26
ip4:184.108.40.206/24 ip4:220.127.116.11/25 ip4:18.104.22.168/24
ip4:22.214.171.124/24 ip4:126.96.36.199/24 ip4:188.8.131.52/24 ~all"
# ./spf outlook.com 184.108.40.206
checking if 220.127.116.11 can send for outlook.com: EXISTS: 0