McDonald, Dan wrote:
I'm having trouble with a correspondent who is using SPF, is sending
from a host allowed in policy, but the SPF rule is not matching.
Their spf record (obfuscated) is:
example.com. 3600 IN TXT "v=spf1 mx ptr ip4:a.a.a.0/24
ip4:b.b.b.0/24 a:mailrelay a:exchange mx:male.example.com mx:femail -all"
I realize that it is malformed - shouldn't have non FQDN's in the a: or
mx: types, and male.example.com doesn't have an mx record (it is the mx
for 'example.com'). But that being said, those ones that are valid
ought to be recognized.
The message is being sent from a.a.a.11, so the ip4:a.a.a.0/24 record
should match.
I have both the old and new style SPF modules loaded:
[EMAIL PROTECTED] ~]$ rpm -qa | grep SPF
perl-Mail-SPF-Query-1.997-2mdk
perl-Mail-SPF-2.005-1.1.20060mlcs4
SPF works for other domains:
$ grep -c SPF_PASS /var/log/mail/info
11963
$ grep -c SPF_FAIL /var/log/mail/info
216
$ grep -c SPF_SOFTFAIL /var/log/mail/info
177
A total of 3710 distinct domains passed SPF, if my grep is correct
$ grep SPF_PASS /var/log/mail/info | grep -P -o '<.+?> ->' | cut -d @ -f
2 | cut -d \> -f 1 | sort | uniq | wc
3710 3710 66125
Any clues?
sure. a.a.a.a is not allowed to send mail. IP addresses may not contain
letters.
