Re: [mailop] Emailed notifications from facebook failing SPF checks
Frank, I forwarded this to someone there to ping you directly. Udeme On Thu, Jul 25, 2019 at 9:32 AM Frank Bulk via mailop wrote: > Our spam filtering vendor recently upgraded their platform and has improved > their SPF checking feature set. We can now tag on Permanent Failures, > which > we couldn't do before. > > We also noticed that email from notificat...@facebookmail.com was having a > Soft Failure. Turns out that facebook issues "mx-out.facebook.com" on the > HELO/EHLO, and that FQDN's SPF record doesn't include all the items that > are > listed in facebookmail.com's SPF record. > > root@nagios:/tmp# dig TXT mx-out.facebook.com +short | grep spf > "v=spf1 a ~all" > root@nagios:/tmp# dig TXT facebookmail.com +short | grep spf > "v=spf1 ip4:66.220.144.128/25 ip4:66.220.155.0/24 ip4:66.220.157.0/25 > ip4:69.63.178.128/25 ip4:69.63.181.0/24 ip4:69.63.184.0/25" " > ip4:69.171.232.0/24 ip4:69.171.244.0/23 -all" > root@nagios:/tmp# > > Best I can understand from the IETF RFC, it is appropriate to check the > HELO: https://tools.ietf.org/html/rfc7208#section-2.3 > > Anyone from fb on this list, or is there someone who knows the email or DNS > folk at facebook and can forward this to them for consideration? > > Regards, > > Frank > > > ___ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Emailed notifications from facebook failing SPF checks
Speaking about Facebook.. wish they standardized naming conventions .. They seem to also have a real problem with sending to invalid email addresses, of course with their size it could simply be thousands of ppl with fat fingers but.. Would be nice to clearly know the behavioral differences between: 66.220.144.1701 66-220-144-170.mail-campmail.facebook.com 66.220.144.200 2 66-220-144-200.mail-pages.facebook.com 66.220.144.224 1 66-220-144-224.mail-pages.facebook.com 66.220.155.1703 66-220-155-170.mail-campmail.facebook.com 66.220.155.172 7 66-220-155-172.mail-campmail.facebook.com 66.220.155.173 7 66-220-155-173.mail-campmail.facebook.com .. and .. 66.220.144.143 (RS) 1 66-220-144-143.mail-mail.facebook.com 66.220.144.14438 66-220-144-144.mail-mail.facebook.com 66.220.144.14533 66-220-144-145.mail-mail.facebook.com 66.220.144.14630 66-220-144-146.mail-mail.facebook.com 66.220.144.14733 66-220-144-147.mail-mail.facebook.com 66.220.144.14836 66-220-144-148.mail-mail.facebook.com 66.220.144.14933 66-220-144-149.mail-mail.facebook.com 66.220.144.15031 66-220-144-150.mail-mail.facebook.com 66.220.155.1359 66-220-155-135.mail-mail.facebook.com 66.220.155.136 9 66-220-155-136.mail-mail.facebook.com 66.220.155.137 8 66-220-155-137.mail-mail.facebook.com 66.220.155.139 5 66-220-155-139.mail-mail.facebook.com 66.220.155.140 7 66-220-155-140.mail-mail.facebook.com 66.220.155.141 9 66-220-155-141.mail-mail.facebook.com 66.220.155.14210 66-220-155-142.mail-mail.facebook.com 66.220.155.143 8 66-220-155-143.mail-mail.facebook.com 66.220.155.144 5 66-220-155-144.mail-mail.facebook.com 66.220.155.145 8 66-220-155-145.mail-mail.facebook.com 66.220.155.146 8 66-220-155-146.mail-mail.facebook.com 66.220.155.147 9 66-220-155-147.mail-mail.facebook.com 66.220.155.148 9 66-220-155-148.mail-mail.facebook.com 66.220.155.149 8 66-220-155-149.mail-mail.facebook.com 66.220.155.15011 66-220-155-150.mail-mail.facebook.com 66.220.155.15138 66-220-155-151.mail-mail.facebook.com 66.220.155.15235 66-220-155-152.mail-mail.facebook.com 66.220.155.153 (RS) 2 66-220-155-153.mail-mail.facebook.com 66.220.155.15435 66-220-155-154.mail-mail.facebook.com 66.220.155.15543 66-220-155-155.mail-mail.facebook.com 66.220.155.15639 66-220-155-156.mail-mail.facebook.com 66.220.155.15744 66-220-155-157.mail-mail.facebook.com 66.220.155.15841 66-220-155-158.mail-mail.facebook.com .. and .. 69.171.232.128 18 69-171-232-128.mail-mail.facebook.com 69.171.232.12915 69-171-232-129.mail-mail.facebook.com 69.171.232.13013 69-171-232-130.mail-mail.facebook.com 69.171.232.13113 69-171-232-131.mail-mail.facebook.com 69.171.232.13212 69-171-232-132.mail-mail.facebook.com 69.171.232.13312 69-171-232-133.mail-mail.facebook.com 69.171.232.13415 69-171-232-134.mail-mail.facebook.com 69.171.232.13517 69-171-232-135.mail-mail.facebook.com 69.171.232.13616 69-171-232-136.mail-mail.facebook.com 69.171.232.13717 69-171-232-137.mail-mail.facebook.com 69.171.232.13815 69-171-232-138.mail-mail.facebook.com 69.171.232.13914 69-171-232-139.mail-mail.facebook.com 69.171.232.14034 69-171-232-140.mail-mail.facebook.com 69.171.232.14138 69-171-232-141.mail-mail.facebook.com 69.171.232.14231 69-171-232-142.mail-mail.facebook.com 69.171.232.14332 69-171-232-143.mail-mail.facebook.com 69.171.232.14436 69-171-232-144.mail-mail.facebook.com 69.171.232.14535 69-171-232-145.mail-mail.facebook.com 69.171.232.14645 69-171-232-146.mail-mail.facebook.com 69.171.232.14742 69-171-232-147.mail-mail.facebook.com 69.171.232.14847 69-171-232-148.mail-mail.facebook.com 69.171.232.14947 69-171-232-149.mail-mail.facebook.com 69.171.232.15043 69-171-232-150.mail-mail.facebook.com 69.171.232.15148 69-171-232-151.mail-mail.facebook.com As you can see t
[mailop] Emailed notifications from facebook failing SPF checks
Our spam filtering vendor recently upgraded their platform and has improved their SPF checking feature set. We can now tag on Permanent Failures, which we couldn't do before. We also noticed that email from notificat...@facebookmail.com was having a Soft Failure. Turns out that facebook issues "mx-out.facebook.com" on the HELO/EHLO, and that FQDN's SPF record doesn't include all the items that are listed in facebookmail.com's SPF record. root@nagios:/tmp# dig TXT mx-out.facebook.com +short | grep spf "v=spf1 a ~all" root@nagios:/tmp# dig TXT facebookmail.com +short | grep spf "v=spf1 ip4:66.220.144.128/25 ip4:66.220.155.0/24 ip4:66.220.157.0/25 ip4:69.63.178.128/25 ip4:69.63.181.0/24 ip4:69.63.184.0/25" " ip4:69.171.232.0/24 ip4:69.171.244.0/23 -all" root@nagios:/tmp# Best I can understand from the IETF RFC, it is appropriate to check the HELO: https://tools.ietf.org/html/rfc7208#section-2.3 Anyone from fb on this list, or is there someone who knows the email or DNS folk at facebook and can forward this to them for consideration? Regards, Frank ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop