Re: [courier-users] Courier and rfc 4408 spf

2014-11-04 Thread Alessandro Vesely 
On Tue 04/Nov/2014 21:48:28 +0100 Hanno Böck wrote: 
> Am Tue, 4 Nov 2014 13:23:25 +0100
> schrieb Matus UHLAR - fantomas :
> 
>> you should be glad you are receiving neutral, the SPF checker at
>> http://www.kitterman.com/spf/validate.html gives something different:
>> 
>> 
>>   Results - PermError SPF Permanent Error: Too many DNS lookups 

Same for https://dmarcian.com/spf-survey/algartelecom.com.br
Error present! Receivers are unable to use this SPF record to determine 
authenticity:
Too many DNS lookups (count=15)

> I get this for all my domains.
> They use a single include for spf. I don't think that's unreasonable.
> 
> Looks to me as this tool is broken, not the spf config.

Not according to https://dmarcian.com/spf-survey/hboeck.de

If you look at the bottom of that page, that tool found 4 occurrences of the
same block, and "compiles" your records into one that works without requiring
further lookups from the receiving server:

v=spf1 ip4:46.4.40.247 ip4:46.4.40.248 ip4:88.198.101.58 ip4:178.63.68.90 
ip4:178.63.68.96 ip6:2a01:4f8:121:1ffe::/64 ip6:2a01:4f8:131:6ffe::/64 -all

Ale

--
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Courier and rfc 4408 spf

2014-11-04 Thread Hanno Böck 
Am Tue, 4 Nov 2014 13:23:25 +0100
schrieb Matus UHLAR - fantomas :

> you should be glad you are receiving neutral, the SPF checker at
> http://www.kitterman.com/spf/validate.html gives something different:
> 
> 
>   Results - PermError SPF Permanent Error: Too many DNS lookups 

I get this for all my domains.
They use a single include for spf. I don't think that's unreasonable.

Looks to me as this tool is broken, not the spf config.

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: ha...@hboeck.de
GPG: BBB51E42


signature.asc
Description: PGP signature
--
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Courier and rfc 4408 spf

2014-11-04 Thread Matus UHLAR - fantomas 
On 04.11.14 09:08, mariobe...@bol.com.br wrote:
>   Hi,

please, turn off HTML mail for mailing lists.

>   The problem occurs when the domain is in your SPF record on multiple lines
>   for the TXT record.
>
>   Domain: algartelecom.com.br
>
>   TXT record:
>
>    "v = spf1 ip4: 189.112.116.20 ip4: 200.170.137.98 ip4: 200 170
>   169 128 ip4: 20
>   0.225.197.0/24 ip4: 200 225 223 133 ip4: 201.16.216.25 ip4: 201.48.140.94
>   "
>    "include: 17386.meuspf.com include: 21316.meuspf.com include:
>   spf.protectio
>   n.outlook.com include: spf.virtualtarget.com.br a mx -all "

... thanks fo HTML this record is horribly broken.

>
>   Error courier:
>
>   Nov 3 12:38:07 mail courieresmtpd: error, relay = :: : 65.55.169.54,
>   from = : 517 SPF neutral
>   marc...@algartelecom.com.br: Address does not pass the Sender Policy
>   Framework

you should be glad you are receiving neutral, the SPF checker at
http://www.kitterman.com/spf/validate.html gives something different:


  Results - PermError SPF Permanent Error: Too many DNS lookups 

...no wonder, there are too many included records...


-- 
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
2B|!2B, that's a question!

--
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Courier and rfc 4408 spf

2014-11-04 Thread Sam Varshavchik 

mariobe...@bol.com.br writes:


« HTML content follows »

Hi,
 
The problem occurs when the domain is in your SPF record on multiple lines  
for the TXT record.


Domain: algartelecom.com.br

TXT record:

 "v = spf1 ip4: 189.112.116.20 ip4: 200.170.137.98 ip4: 200 170 169  
128 ip4: 20

0.225.197.0/24 ip4: 200 225 223 133 ip4: 201.16.216.25 ip4: 201.48.140.94 "
 "include: 17386.meuspf.com include: 21316.meuspf.com include:  
spf.protectio

n.outlook.com include: spf.virtualtarget.com.br a mx -all "

Error courier:

Nov 3 12:38:07 mail courieresmtpd: error, relay = :: : 65.55.169.54, from  
= : 517 SPF neutral marc...@algartelecom.com.br:  
Address does not pass the Sender Policy Framework


http://tools.ietf.org/html/rfc4408#section-3.1.4
 


http://tools.ietf.org/html/rfc4408#section-3.1.3>3.1.3. Multiple Strings  
in a Single DNS record




 
   As defined in [http://tools.ietf.org/html/rfc1035>RFC1035] sections < 
URL:http://tools.ietf.org/html/rfc4408#section-3.3.14>3.3.14 and tools.ietf.org/html/rfc4408#section-3.3>3.3, a single text DNS

   record (either TXT or SPF RR types) can be composed of more than one
   string.  If a published record contains multiple strings, then the
   record MUST be treated as if those strings are concatenated together
   without adding spaces.  For example:

  IN TXT "v=spf1  first" "second string..."

   MUST be treated as equivalent to

  IN TXT "v=spf1  firstsecond string..."

   SPF or TXT records containing multiple strings are useful in
   constructing records that would exceed the 255-byte maximum length of
   a string within a single TXT or SPF RR record.


How to fix this error?


The SPF resolver in Courier does not yet implement multiple strings. RFC  
4408 is relatively new, and not all mail servers support it, yet.


pgp2k2saxZxY2.pgp
Description: PGP signature
--
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] Courier and rfc 4408 spf

2014-11-04 Thread mariobetim 
Hi,
 
The problem occurs when the domain is in your SPF record on multiple lines for the TXT record. Domain: algartelecom.com.br TXT record:  "v = spf1 ip4: 189.112.116.20 ip4: 200.170.137.98 ip4: 200 170 169 128 ip4: 20 0.225.197.0/24 ip4: 200 225 223 133 ip4: 201.16.216.25 ip4: 201.48.140.94 " "include: 17386.meuspf.com include: 21316.meuspf.com include: spf.protectio n.outlook.com include: spf.virtualtarget.com.br a mx -all "Error courier: Nov 3 12:38:07 mail courieresmtpd: error, relay = :: : 65.55.169.54, from = : 517 SPF neutral marc...@algartelecom.com.br: Address does not pass the Sender Policy Framework http://tools.ietf.org/html/rfc4408#section-3.1.4
 

3.1.3.  Multiple Strings in a Single DNS record


   As defined in [RFC1035] sections 3.3.14 and 3.3, a single text DNS
   record (either TXT or SPF RR types) can be composed of more than one
   string.  If a published record contains multiple strings, then the
   record MUST be treated as if those strings are concatenated together
   without adding spaces.  For example:

  IN TXT "v=spf1  first" "second string..."

   MUST be treated as equivalent to

  IN TXT "v=spf1  firstsecond string..."

   SPF or TXT records containing multiple strings are useful in
   constructing records that would exceed the 255-byte maximum length of
   a string within a single TXT or SPF RR record.How to fix this error?Thanks

 
 
---[ www.tvuniversal.com ]--- "A graça de nosso Senhor Jesus Cristo seja com todos vós."
 
--
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users