Subject: | Bug for Mail-SPF-Query |
Date: | Fri, 1 Sep 2006 12:41:56 -0700 |
To: | <bug-Mail-SPF-Query [...] rt.cpan.org> |
From: | "Mr. Courtney Creighton" <dg [...] dezignguy.com> |
Redhat Enterprise Linux 3 (Taroon Update 8) with Kernel 2.4.21-47.EL
Perl 5.8.1
My spam filter (ASSP - assp.sourceforge.net) is rejecting mail from a user on
eskimo.com because of an SPF failure. I checked Mail-SPF-Query itself to isolate
the issue, since it appeared that ASSP relied fully on the Mail-SPF-Query module
to do all the work. Eskimo.com only lists two MX servers in their dns records,
ultra5 and ultra6, but this user is sending his outgoing mail through
ultra7.eskimo.com (204.122.16.70), and eskimo.com says that server is what he
should be using. And they think that the 'ptr' in their SPF record should cover
that situation and allow it, however Mail-SPF-Query returns an spf fail for this
setup.
Eskimo.com's SPF record is:
text = "v=spf1 mx ptr -all"
So even though 'ultra7.eskimo.com' doesn't match as an MX, it does seem to have
a PTR record that should match:
http://www.dnsstuff.com/tools/ptr.ch?ip=204.122.16.70
However, Mail-SPF-Query seems to ignore that and return SPF-Fail anyways.
I see that spf.pobox.com's comment on using PTR in SPF is "Expensive, unreliable
and not recommended". So I don't know why eskimo.com insists on relying solely
on their ptr record for their outgoing user email through this server. But
still, the SPF site says the mail should go through.
This is the direct query to spfquery that I tried:
spfquery --sender postmaster@eskimo.com --helo ultra7.eskimo.com --ip
204.122.16.70
fail
Please see
http://spf.pobox.com/why.html?sender=postmaster%40eskimo.com&ip=204.122.16.70&re
ceiver=spfquery
spfquery: domain of postmaster@eskimo.com does not designate 204.122.16.70 as
permitted sender
Received-SPF: fail (spfquery: domain of postmaster@eskimo.com does not designate
204.122.16.70 as permitted sender) client-ip=204.122.16.70;
envelope-from=postmaster@eskimo.com; helo=ultra7.eskimo.com;
Is there a reason that the PTR record is just not checked when using
Mail-SPF-Query? I saw a subroutine in Query.pm that looked like it should handle
this:
http://cpan.uwinnipeg.ca/htdocs/Mail-SPF-Query/Mail/SPF/Query.pm.html#get_ptr_do
main-
I want to find out if I should tell the eskimo.com user to put pressure on
eskimo.com to fix their SPF records, or if something needs done to
Mail-SPF-Query?
Thanks,
-Courtney