I provided a ham sample off-list. Also, I've recently encountered a
similar issues with DHL - for example - them, several weeks ago, using
an alterate domain in the mail header FROM-address - that didn't
actually have ANY DNS records - crazy stuff like that - although I think
that they've since stopped using that particular domain name?
--Rob McEwen
On 8/2/2022 10:50 AM, Bill Cole wrote:
Bug 8021 reports breakage in SPF checking for dhl.com mail, due to an
inability to resolve theĀ SPF TXT record for dhl.com. That breakage is
essentially due to DHL having far too many TXT records (some are
clearly stale) and having a SPF record which is right at the limit of
complexity, having 10 'include' directives at the top level.
If anyone has samples of real legitimate mail from a dhl.com address,
please share. I'm seeking a way to reproduce the reported bug, which
strikes me as too stupid to be real; we SHOULD have noticed long
before now if SPF lookups were not handling UDP truncation of replies.
--
Rob McEwen, invaluement
