You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Steven Stern <su...@sterndata.com> on 2005/03/09 13:57:03 UTC
SPF problems with this list
My SPF record was working, but is now failing for this list. So, it
seems that SPF checking has ratcheted up a notch. I've deleted my SPF
txt record in order to send this.
Anyhow...
The record was
"v=spf1 a mx ptr include:earthlink.net ~all"
I smarthost my mail through smtpauth.earthlink.net. The mail path then
bounces around inside earthlink for a while. The "spf why" page says:
hermes.apache.org saw a message coming from the IP address 209.86.89.61
which
is smtpauth01.mail.atl.earthlink.net; the sender claimed to be
subscribed-lists@sterndata.com
How can I configure the SPF record to work? I can't put in an
"a:smtpauth01.mail.atl.earthlink.net" because next time it may go
through 02,
or 03, etc.
Is it possible to use SPF in this environment?
--
Steve
Re: SPF problems with this list
Posted by Matt Kettler <mk...@evi-inc.com>.
At 07:57 AM 3/9/2005, Steven Stern wrote:
>The record was
>
>"v=spf1 a mx ptr include:earthlink.net ~all"
>
>I smarthost my mail through smtpauth.earthlink.net. The mail path then
>bounces around inside earthlink for a while. The "spf why" page says:
>
>hermes.apache.org saw a message coming from the IP address 209.86.89.61
>which
>is smtpauth01.mail.atl.earthlink.net; the sender claimed to be
>subscribed-lists@sterndata.com
When you do a SPF include, it basicaly winds up including the SPF record
for earthlink.net.
;; QUESTION SECTION:
;earthlink.net. IN TXT
;; ANSWER SECTION:
earthlink.net. 1800 IN TXT "v=spf1
ip4:207.217.120.0/23 ip4:207.69.200.0/24 ip4:209.86.93.0/24
ip4:207.69.195.0/24 ?all
"
However, if you look, earthlink's SPF record doesn't include 209.86.98.61,
therefore you fail the test.
Re: SPF problems with this list
Posted by Kelson <ke...@speed.net>.
Steven Stern wrote:
> "v=spf1 a mx ptr include:earthlink.net ~all"
>
> I smarthost my mail through smtpauth.earthlink.net. The mail path then
> bounces around inside earthlink for a while. The "spf why" page says:
>
> hermes.apache.org saw a message coming from the IP address 209.86.89.61
> which
> is smtpauth01.mail.atl.earthlink.net; the sender claimed to be
> subscribed-lists@sterndata.com
Earthlink's SPF record at present appears to be:
"v=spf1 ip4:207.217.120.0/23 ip4:207.69.200.0/24 ip4:209.86.93.0/24
ip4:207.69.195.0/24 ?all"
This doesn't include the server they sent your message out from.
> How can I configure the SPF record to work?
Your record's fine. Earthlink messed up by not listing all their
outgoing servers in their SPF record, or by setting up new servers
without updating their SPF record.
Notify Earthlink of the problem, and once they've updated their own SPF
record it should be fine.
> Is it possible to use SPF in this environment?
Of course, there is one more issue: hermes.apache.org should not be
rejecting mail based on a *softfail*, which is what that message should
have triggered. "~all" means "mail will probably never come from any
other servers than these, but we're not absolutely certain," not "mail
will only ever come from these servers."
--
Kelson Vibber
SpeedGate Communications <www.speed.net>
Re: SPF problems with this list
Posted by jdow <jd...@earthlink.net>.
I believe you have to rely on Earthlink's "smtpauth" for its SPF.
That's what I do.
{^_^}
----- Original Message -----
From: "Steven Stern" <su...@sterndata.com>
> My SPF record was working, but is now failing for this list. So, it
> seems that SPF checking has ratcheted up a notch. I've deleted my SPF
> txt record in order to send this.
>
> Anyhow...
>
> The record was
>
> "v=spf1 a mx ptr include:earthlink.net ~all"
>
> I smarthost my mail through smtpauth.earthlink.net. The mail path then
> bounces around inside earthlink for a while. The "spf why" page says:
>
> hermes.apache.org saw a message coming from the IP address 209.86.89.61
> which
> is smtpauth01.mail.atl.earthlink.net; the sender claimed to be
> subscribed-lists@sterndata.com
>
> How can I configure the SPF record to work? I can't put in an
> "a:smtpauth01.mail.atl.earthlink.net" because next time it may go
> through 02,
> or 03, etc.
>
> Is it possible to use SPF in this environment?
> --
>
> Steve
>
>