SPF checking not well implemented?

ShadowofReason

New member
Joined
Dec 6, 2017
Messages
3
Location
EE, EU
Hi.

One of our clients was expecting an email, but the server rejected it for the following reason:

2019-12-30 10:16:02 SPFCheck: 1.2.3.4 is not allowed to send mail from mailserver.tld: Please see http://www.open-spf.org/[email protected]&ip=1.2.3.4&receiver=our.server.tld : Reason: mechanism

My first thought was that their SPF record was messed up but upon doing a quick <dig -t TXT mailserver.tld> I got this response:
"v=spf1 mx a:external.mailserver.tld ip4:7.8.9.0/28 include:spf.protection.outlook.com -all"


So here's the problem.
The spam blocker does check for "ip4:1.2.3.4" ( which isn't listed in the SPF as written ), but it doesn't check "a:external.mailserver.tld" (which translates to 1.2.3.4).

Is it a configuration issue or is it an actual bug? According to RFC "a:subdomain.domain.tld" should be enough aswell.

I had to hide actual IP addresses and domain names due to NDA reasons, hope the problem is clearly explained tho.
Thanks in advance!
 
Back
Top