Hello, I have a FreeBSD server with Unbound .1.5.7 as a resolver.
I use Postfix for mail and postfix-policyd-spf-perl to check spf. My problem is, that mail from a certain domain is refused. When I test, I see this: # perl /usr/local/libexec/postfix-policyd-spf-perl request=smtpd_access_policy protocol_state=RCPT protocol_name=SMTP helo_name=mail.acme.com queue_id=8045F2AB23 [email protected] [email protected] client_address=1.1.1.1 client_name=mail.company.com action=DEFER_IF_PERMIT SPF-Result=mail.acme.com: 'SERVFAIL' error on DNS 'TXT' lookup of 'mail.acme.com' This is in unbound.log: Reason for the SERVFAIL: Jan 24 13:44:25 unbound[487:0] info: response for mail.acme.com. TXT IN Jan 24 13:44:25 unbound[487:0] info: reply from <acme.com.> 2.2.2.2#53 Jan 24 13:44:25 unbound[487:0] info: query response was ANSWER Jan 24 13:44:25 unbound[487:0] info: Validate: message contains bad rrsets Jan 24 13:44:25 unbound[487:0] info: validation failure <mail.acme.com. TXT IN>: signature crypto failed from 2.2.2.2 Is this a valid SERVFAIL? Could some help me? Thanks. With kind regards, Jac
