Hi,
as i'm implementing SPF Checks atm , i came cross this log entry from
google :
2016-06-29 14:21:07 1bIEUB-0002yU-TK SMTP error from remote mail server
after end of data: 421-4.7.0 [XXXXXXX] The SPF record of the sending
domain has one or\n421-4.7.0 more suspicious entries. To protect our
users from spam, mail sent\n421-4.7.0 from your IP address has been
temporarily rate limited. Please visit\n421-4.7.0
https://support.google.com/mail/answer/81126#authentication for
more\n421 4.7.0 information. 78si4520019iol.86 - gsmtp
The SPF Record looks like this : "v=spf1 +all"
Which means roughly: "I don't care about my EMailservers, I like to be
spammed with my own domain."
Problem is, with my current spfquery check, this SPF would be considered
valid, which is it, it's just not very usefull at all.
I like to react like google in this special case, because that entry is
nonsense, you also could remove it from your DNS and nobody would notice.
Does anyone have an exim rule / idea to check for it, before running the
spfquery at all?
best regards,
Marius
