Hello everyone,
This is my first time posting here, and I'm not sure if it's the right
place or not to ask my question. This is a general DNS question,
specifically, I think, SPF.
(Btw, I do use Bind in my system, so that's why I'm here.)
I host email using SmarterMail, and all 400+ customers either use a
regular email client (desktop app/mobile device) or the webmail interface.
One particular customer wants to use Gmail as their email client for
sending email from their domain. I helped set up the settings at gmail
for the SMTP server, and did the google-siteverification and added
_include:gmail.com_ to the SPF TXT record, as well as DKIM and DMARC
configured. I get green lights for the domain from Dmarcian (well, they
said I had a duplicate SPF value, which I have removed).
The emails that get sent *do* arrive for other users on my email server,
but *not* to email addresses off-server, ie; @live.com
I can see the traffic from gmail in my logs, and it appears the emails
are sent, but they do not arrive.
Stumped. Any spare brain cells available out there would be appreciated.
Thanks,
Mik
Mik Muller, president
Montague WebWorks
20 River Street, Greenfield, MA
413-320-5336
http://MontagueWebWorks.com
Powered by ROCKETFUSION
On 1/7/2023 3:11 PM, Anders Löwinger wrote:
Hi
I have some trouble with the parental-agents. Anyone seen this
before/can give me a clue to get this working?
Tried with my two recursive resolvers first, then localhost. No
difference.
From the log
named[3420650]: zone lowinger.se/IN (signed): checkds: empty DS
response from 2a00:f680:100:1501::32#53
named[3420650]: zone lowinger.se/IN (signed): checkds: empty DS
response from 2a00:f680:10:1501::33#53
named[3428351]: zone lowinger.se/IN (signed): checkds: empty DS
response from 127.0.0.1#53
zone "lowinger.se" {
type primary;
file "lowinger.se";
dnssec-policy lowinger-policy;
inline-signing yes;
// parental-agents {
// 2a00:f680:100:1501::32;
// 2a00:f680:100:1501::33;
// };
parental-agents { 127.0.0.1; };
};
BIND 9.18.10-1+ubuntu22.04.1+isc+1-Ubuntu (Stable Release) <id:>*
*
dig has no problem resolving the DS record.
# dig @127.0.0.1 lowinger.se ds +short
59647 14 2 825E888C2FAA4F70241467A257C02C66AD5DAFDB818253B7FEB52DA4
BEB071CA
# dig @2a00:f680:100:1501::32 lowinger.se ds +short
59647 14 2 825E888C2FAA4F70241467A257C02C66AD5DAFDB818253B7FEB52DA4
BEB071CA
# dig @2a00:f680:100:1501::33 lowinger.se ds +short
59647 14 2 825E888C2FAA4F70241467A257C02C66AD5DAFDB818253B7FEB52DA4
BEB071CA
--
Regards / Med vänlig hälsning
Anders Löwinger, CEO, Abundo AB, +46 72 206 0322
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
