September 30, 2019 4:25 PM, "Denis Fondras" <open...@ledeuns.net> wrote:
> On Mon, Sep 30, 2019 at 01:55:28PM +0000, gil...@poolp.org wrote: > >> Hello, >> >> I'd like to bring native support for SPF in OpenSMTPD in a future release, >> but for this I need a bit of help to make sure my SPF resolver works fine. >> >> I have created a repository with a standalone executable that performs the >> SPF lookup and checks if an IP address is allowed to send on behalf of the >> sending domain: >> >> https://github.com/poolpOrg/spf >> >> https://github.com/poolpOrg/spf/blob/master/README.md >> >> If you could test and report issues, it would be nice, > > It seems IPv6 check is broken : > > $ dig ledeuns.net TXT +short > "v=spf1 ip4:185.22.129.11 ip6:2a00:6060:1::1 ip6:2a00:6060:ffff::1005:ff02 > -all" > > $ ./spf ledeuns.net 185.22.129.1 > checking if 185.22.129.1 can send for ledeuns.net: fail > $ ./spf ledeuns.net 185.22.129.11 > checking if 185.22.129.11 can send for ledeuns.net: pass > $ ./spf ledeuns.net 2a00:6060:1::1 > checking if 2a00:6060:1::1 can send for ledeuns.net: fail will fix that, thanks