Testing SPF in 3.0-rc2

[John <jo...@linuxseclabs.com>]

Hi,
I am trying to test the SPF capablities of SA-3.0-rc2 (also using perl
5.6.0, postfix 1.1.11, amavisd-new-20030616-p10). I have 2 instances of
postfix sandwiching amavisd-new which calls SA). I am using telnet from
my optonline.net machine setting the MAIL FROM: to x@aol.com to my test
server that is running the above software. (I am also putting in the
header "From: x@aol.com" as well). I am not getting any SPF test hits in
the resulting mail during transmission or when I run the mail using
"spamassassin -D --lint <test.eml". (I am including the debug output,
test email, init.pre and local.cf).

The line of interest in the debug output is
debug: SPF: query for /XXX.XXX.XXX.XXX/optonline.net: result: none,
comment: SPF: domain of sender optonline.net does not designate mailers

I would think the fact that optonline.net isn't advertising mailers is too
important. Isn't that fact that aol.com does advertise it's servers via
SPF that thing that matters since that is the domain that I impersonating?

[root@server]# dig -t txt aol.com

; <<>> DiG 8.3 <<>> -t aol.com
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUERY SECTION:
;;      aol.com, type = TXT, class = IN

;; ANSWER SECTION:
aol.com.                5M IN TXT       "v=spf1 ip4:152.163.225.0/24
ip4:205.188.139.0/24 ip4:205.188.144.0/24 ip4:205.188.156.0/23
ip4:205.188.159.0/24 ip4:64.12.136.0/23 ip4:64.12.138.0/24 ptr:mx.aol.com
?all"

What is that I am not understanding?

TIA,
John