Hi
On the new release i get a lot of spf failures that make me have to
disable spf. I tried to debug this spf rejection:
2019-12-19 11:09:33 H=mta-90-197.sparkpostmail.com [192.174.90.197]
Warning: SPF msprvs1=18256LU-Q9YGR=bounces-23293-11111@???
mta-90-197.sparkpostmail.com a.mx.olsns.net: transitioning domain of
spmailtechnol.com does not designate 192.174.90.197 as permitted sender
but spquery gives a different result:
# spfquery.libspf2 -i 192.174.90.197 -s
msprvs1=18256LU-Q9YGR=bounces-23293-11111@???
pass
spfquery: domain of spmailtechnol.com designates 192.174.90.197 as
permitted sender
Received-SPF: pass (spfquery: domain of spmailtechnol.com designates
192.174.90.197 as permitted sender) client-ip=192.174.90.197;
envelope-from=msprvs1=18256LU-Q9YGR=bounces-23293-11111@???;
but exim seems to do something wrong (it found the proper record but it
just ignored it):
11:43:00 32431 spf_process
spf_dns.c:54 Debug: DNS[cache] lookup: spmailtechnol.com TXT (16)
spf_dns.c:54 Debug: DNS[exim] lookup: spmailtechnol.com TXT (16)
11:43:00 32431 SPF_dns_exim_lookup
11:43:00 32431 DNS lookup of spmailtechnol.com (TXT) succeeded
spf_dns.c:66 Debug: DNS[exim] found record
spf_dns.c:69 Debug: DOMAIN: spmailtechnol.com TYPE: TXT (16)
spf_dns.c:76 Debug: TTL: 300 RR found: 1 herrno: 0
source: exim
spf_dns.c:94 Debug: - TXT: v=spf1
exists:%{i}._spf.sparkpostmail.com ~all
spf_dns.c:66 Debug: DNS[cache] found record
spf_dns.c:69 Debug: DOMAIN: spmailtechnol.com TYPE: TXT (16)
spf_dns.c:76 Debug: TTL: 300 RR found: 1 herrno: 0
source: exim
spf_dns.c:94 Debug: - TXT: v=spf1
exists:%{i}._spf.sparkpostmail.com ~all
spf_server.c:402 Debug: get_record(spmailtechnol.com): NETDB_SUCCESS
spf_server.c:443 Debug: found SPF record: v=spf1
exists:%{i}._spf.sparkpostmail.com ~all
spf_compile.c:1210 Debug: Compiling record v=spf1
exists:%{i}._spf.sparkpostmail.com ~all
spf_compile.c:1314 Debug: Name starts at
exists:%{i}._spf.sparkpostmail.com ~all
spf_compile.c:1408 Debug: Adding mechanism type 7
spf_compile.c:847 Debug: SPF_c_mech_add: type=7,
value=:%{i}._spf.sparkpostmail.com ~all
spf_compile.c:689 Debug: Parsing domainspec starting at
%{i}._spf.sparkpostmail.com ~all, cidr is forbidden
spf_compile.c:523 Debug: Parsing macro starting at
%{i}._spf.sparkpostmail.com ~all
spf_compile.c:1314 Debug: Name starts at all
spf_compile.c:1408 Debug: Adding mechanism type 8
spf_compile.c:847 Debug: SPF_c_mech_add: type=8, value=
spf_dns.c:54 Debug: DNS[cache] lookup:
192.174.90.197._spf.sparkpostmail.com A (1)
spf_dns.c:54 Debug: DNS[exim] lookup:
192.174.90.197._spf.sparkpostmail.com A (1)
11:43:00 32431 SPF_dns_exim_lookup
11:43:00 32431 DNS lookup of 192.174.90.197._spf.sparkpostmail.com (A)
succeeded
spf_dns.c:66 Debug: DNS[exim] found record
spf_dns.c:69 Debug: DOMAIN: (null) TYPE: ANY (255)
spf_dns.c:76 Debug: TTL: 86400 RR found: 0 herrno: 1
source: exim
spf_dns.c:66 Debug: DNS[cache] found record
spf_dns.c:69 Debug: DOMAIN: (null) TYPE: ANY (255)
spf_dns.c:76 Debug: TTL: 86400 RR found: 0 herrno: 1
source: exim
spf_interpret.c:1231 Debug: found 0 A records for
192.174.90.197._spf.sparkpostmail.com (herrno: 1)
11:43:00 32431 SPF result is softfail (4)
--
Best regards ...
----------------------------------------------------------------
David Saez
On-Line Services 2000 S.L.
http://www.ols.es
----------------------------------------------------------------
