Re: [courier-users] Courier and rfc 4408 spf
On Tue 04/Nov/2014 21:48:28 +0100 Hanno Böck wrote: > Am Tue, 4 Nov 2014 13:23:25 +0100 > schrieb Matus UHLAR - fantomas : > >> you should be glad you are receiving neutral, the SPF checker at >> http://www.kitterman.com/spf/validate.html gives something different: >> >> >> Results - PermError SPF Permanent Error: Too many DNS lookups Same for https://dmarcian.com/spf-survey/algartelecom.com.br Error present! Receivers are unable to use this SPF record to determine authenticity: Too many DNS lookups (count=15) > I get this for all my domains. > They use a single include for spf. I don't think that's unreasonable. > > Looks to me as this tool is broken, not the spf config. Not according to https://dmarcian.com/spf-survey/hboeck.de If you look at the bottom of that page, that tool found 4 occurrences of the same block, and "compiles" your records into one that works without requiring further lookups from the receiving server: v=spf1 ip4:46.4.40.247 ip4:46.4.40.248 ip4:88.198.101.58 ip4:178.63.68.90 ip4:178.63.68.96 ip6:2a01:4f8:121:1ffe::/64 ip6:2a01:4f8:131:6ffe::/64 -all Ale -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier and rfc 4408 spf
Am Tue, 4 Nov 2014 13:23:25 +0100 schrieb Matus UHLAR - fantomas : > you should be glad you are receiving neutral, the SPF checker at > http://www.kitterman.com/spf/validate.html gives something different: > > > Results - PermError SPF Permanent Error: Too many DNS lookups I get this for all my domains. They use a single include for spf. I don't think that's unreasonable. Looks to me as this tool is broken, not the spf config. -- Hanno Böck http://hboeck.de/ mail/jabber: ha...@hboeck.de GPG: BBB51E42 signature.asc Description: PGP signature -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier and rfc 4408 spf
On 04.11.14 09:08, mariobe...@bol.com.br wrote: > Hi, please, turn off HTML mail for mailing lists. > The problem occurs when the domain is in your SPF record on multiple lines > for the TXT record. > > Domain: algartelecom.com.br > > TXT record: > > "v = spf1 ip4: 189.112.116.20 ip4: 200.170.137.98 ip4: 200 170 > 169 128 ip4: 20 > 0.225.197.0/24 ip4: 200 225 223 133 ip4: 201.16.216.25 ip4: 201.48.140.94 > " > "include: 17386.meuspf.com include: 21316.meuspf.com include: > spf.protectio > n.outlook.com include: spf.virtualtarget.com.br a mx -all " ... thanks fo HTML this record is horribly broken. > > Error courier: > > Nov 3 12:38:07 mail courieresmtpd: error, relay = :: : 65.55.169.54, > from = : 517 SPF neutral > marc...@algartelecom.com.br: Address does not pass the Sender Policy > Framework you should be glad you are receiving neutral, the SPF checker at http://www.kitterman.com/spf/validate.html gives something different: Results - PermError SPF Permanent Error: Too many DNS lookups ...no wonder, there are too many included records... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. 2B|!2B, that's a question! -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Courier and rfc 4408 spf
mariobe...@bol.com.br writes: « HTML content follows » Hi, The problem occurs when the domain is in your SPF record on multiple lines for the TXT record. Domain: algartelecom.com.br TXT record: "v = spf1 ip4: 189.112.116.20 ip4: 200.170.137.98 ip4: 200 170 169 128 ip4: 20 0.225.197.0/24 ip4: 200 225 223 133 ip4: 201.16.216.25 ip4: 201.48.140.94 " "include: 17386.meuspf.com include: 21316.meuspf.com include: spf.protectio n.outlook.com include: spf.virtualtarget.com.br a mx -all " Error courier: Nov 3 12:38:07 mail courieresmtpd: error, relay = :: : 65.55.169.54, from = : 517 SPF neutral marc...@algartelecom.com.br: Address does not pass the Sender Policy Framework http://tools.ietf.org/html/rfc4408#section-3.1.4 http://tools.ietf.org/html/rfc4408#section-3.1.3>3.1.3. Multiple Strings in a Single DNS record As defined in [http://tools.ietf.org/html/rfc1035>RFC1035] sections < URL:http://tools.ietf.org/html/rfc4408#section-3.3.14>3.3.14 and tools.ietf.org/html/rfc4408#section-3.3>3.3, a single text DNS record (either TXT or SPF RR types) can be composed of more than one string. If a published record contains multiple strings, then the record MUST be treated as if those strings are concatenated together without adding spaces. For example: IN TXT "v=spf1 first" "second string..." MUST be treated as equivalent to IN TXT "v=spf1 firstsecond string..." SPF or TXT records containing multiple strings are useful in constructing records that would exceed the 255-byte maximum length of a string within a single TXT or SPF RR record. How to fix this error? The SPF resolver in Courier does not yet implement multiple strings. RFC 4408 is relatively new, and not all mail servers support it, yet. pgp2k2saxZxY2.pgp Description: PGP signature -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Courier and rfc 4408 spf
Hi, The problem occurs when the domain is in your SPF record on multiple lines for the TXT record. Domain: algartelecom.com.br TXT record: "v = spf1 ip4: 189.112.116.20 ip4: 200.170.137.98 ip4: 200 170 169 128 ip4: 20 0.225.197.0/24 ip4: 200 225 223 133 ip4: 201.16.216.25 ip4: 201.48.140.94 " "include: 17386.meuspf.com include: 21316.meuspf.com include: spf.protectio n.outlook.com include: spf.virtualtarget.com.br a mx -all "Error courier: Nov 3 12:38:07 mail courieresmtpd: error, relay = :: : 65.55.169.54, from =: 517 SPF neutral marc...@algartelecom.com.br: Address does not pass the Sender Policy Framework http://tools.ietf.org/html/rfc4408#section-3.1.4 3.1.3. Multiple Strings in a Single DNS record As defined in [RFC1035] sections 3.3.14 and 3.3, a single text DNS record (either TXT or SPF RR types) can be composed of more than one string. If a published record contains multiple strings, then the record MUST be treated as if those strings are concatenated together without adding spaces. For example: IN TXT "v=spf1 first" "second string..." MUST be treated as equivalent to IN TXT "v=spf1 firstsecond string..." SPF or TXT records containing multiple strings are useful in constructing records that would exceed the 255-byte maximum length of a string within a single TXT or SPF RR record.How to fix this error?Thanks ---[ www.tvuniversal.com ]--- "A graça de nosso Senhor Jesus Cristo seja com todos vós." -- ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users