stdout

Thu, 28 Jun 2012

DNS propagated

Now it works.

[21:21] | [] | DNS propagated

Experimenting with SPF

Setting up SPF on a domain that doesn't normally do email (specifically this one, mstevens.org), for experimental purposes.

Found one problem so far - I specified my SPF record as v=spf1 mx -all. I then sent a test email to google, and it was rejected with:

Received-SPF: fail (google.com: domain of mstevens@mstevens.org does not designate 2001:ba8:1f1:f1ef::2 as permitted sender) client-ip=2001:ba8:1f1:f1ef::2;
Authentication-Results: mx.google.com; spf=hardfail (google.com: domain of mstevens@mstevens.org does not designate 2001:ba8:1f1:f1ef::2 as permitted sender) smtp.mail=mstevens@mstevens.org; dkim=pass (test mode) header.i=@mstevens.org

The mx defined for the domain is on IPv4 and IPv6, and has A and AAAA records. I was expecting the SPF record above to mark both as valid, but google doesn't seem to interpret it as valid.

Looking at the discussion at a thread on the SPF mailing list I think it probably should be considered valid, although I'm not certain. Anyway, I've updated the SPF record with a ip6 entry for the specific IP address, hopefully that'll sort it. Possibly there's a bug in the google implementation, but I wouldn't know who to contact!

Waiting for the DNS to propagate and see if the change helps.

[20:18] | [] | Experimenting with SPF

< June 2012 >
SuMoTuWeThFrSa
      1 2
3 4 5 6 7 8 9
10111213141516
17181920212223
24252627282930

Contact: Michael Stevens <mstevens@etla.org>

RSS: RSS feed

Atom: Atom feed

Valid XHTML 1.0!

Valid CSS!