On 9/29/22 15:27, Stefan Neufeind via mailop wrote:
Hi, I recently came across an email being rejected by gmail.com with:This message does not pass authentication checks (SPF and DKIM both do not pass). SPF check for [...] does not pass with ip: [...].That email was not spam but authenticated to the mailserver mentioned (the ip given above), which is listed as MX for that domain etc. There was no SPF-record at that time. I'm now going to retry with an "as basic as possible" SPF-record. But does a SPF likev=spf1 a mx ~allhave any real benefit? And if it does, why isn't it sufficient that the domain and ip listed above belong to the legitimate MX? Of course that IP had proper rDNS and all that.
With this kind of SPF record, there is no real benefit, apart from having an SPF record which basically says: "we can send from any IP in the world". So, yes, _maybe_ you wouldn't get the gmail rejection message, but that doesn't mean your mail will land anywhere nearby the inbox. But only google can tell you.
As long as you don't have proper restrictive SPF/DMARC/rDNS, don't expect big players to allow your mail enter the inbox.
That doesn't mean you can't try it, after all, it might work.
It's becoming more and more crazy with some of the bigger mail-providers out there *sigh*
It's not really new and can even be worse with other "big mail providers".
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
