Hi,
we are a google postmaster tool user, and regularly check
our setup.
Recently, there's a new dashboard at the google postmaster tool,
and it reports our (nepustil.net) SPF record as 'failed'.
We have another (customer) domain, vhs-tuebingen.de, and
it also reports our SPF/DKIM records as 'fa
Am 15.08.2024 um 13:43:39 Uhr schrieb Kurt Jaeger via mailop:
> Recently, there's a new dashboard at the google postmaster tool,
> and it reports our (nepustil.net) SPF record as 'failed'.
>
> We have another (customer) domain, vhs-tuebingen.de, and
> it also reports our SPF/DKIM records as 'fail
Hi,
> We have another (customer) domain, vhs-tuebingen.de, and
> it also reports our SPF/DKIM records as 'failed'.
The error when a mail is sent from that domain to gmail is:
550-5.7.26 SPF [] with ip: [212.71.211.41] = did not pass
--
p...@opsec.eu+49 171 3101372
That seems correct because it is in fact not included in the SPF record for
nepustil.net, but it is for vhs-tuebingen.de.
Checked with:
https://mxtoolbox.com/SuperTool.aspx?action=spf%3anepustil.net%3a212.71.211.41&run=toolpage
Best regards,
Ilja Nedilko
-Original Message-
From: mailop
Am 15.08.2024 um 14:20:09 Uhr schrieb Kurt Jaeger via mailop:
> > We have another (customer) domain, vhs-tuebingen.de, and
> > it also reports our SPF/DKIM records as 'failed'.
>
> The error when a mail is sent from that domain to gmail is:
>
> 550-5.7.26 SPF [] with ip: [212.71.211.41] = did
Hi!
> Am 15.08.2024 um 14:20:09 Uhr schrieb Kurt Jaeger via mailop:
>
> > > We have another (customer) domain, vhs-tuebingen.de, and
> > > it also reports our SPF/DKIM records as 'failed'.
> >
> > The error when a mail is sent from that domain to gmail is:
> >
> > 550-5.7.26 SPF [] with ip:
Hello!
I noticed that some machines from MS query strange things:
Instead of TXT, they query A for the DKIM stuff.
Internet Protocol Version 6, Src: 2603:1062:0:8f::11
(2603:1062:0:8f::11), Dst: srv1.x (2a01:x) User
Datagram Protocol, Src Port: 44268 (44268), Dst Port: domain (53)
Domain
Am 15.08.2024 um 14:35:35 Uhr schrieb Kurt Jaeger via mailop:
> Is it possible that gmail finds the <> envelope-from cheesy and
> choose to reject ?
No. If you use MAIL FROM: <>, the SPF doesn't work for MAIL FROM.
It will use the SPF (TXT) record for the domain name of the sending
SMTP server.
Am 15.08.2024 um 14:47:07 Uhr schrieb Marco Moock via mailop:
> Instead of TXT, they query A for the DKIM stuff.
I now have a guess.
Maybe this is a way of QNAME minimization with A records instead of NS
because some authoritative servers seems to have problems with NS
records.
https://www.rfc-e
Hi!
> > Is it possible that gmail finds the <> envelope-from cheesy and
> > choose to reject ?
>
> No. If you use MAIL FROM: <>, the SPF doesn't work for MAIL FROM.
>
> It will use the SPF (TXT) record for the domain name of the sending
> SMTP server.
Ah, oh!
> If that mail gets out by mail.ex
Hi,
Wouldn't DKIM signing the OOF messages help? That way the authentication at
gmail's side would not fail.
Regards
Norbert
-Ursprüngliche Nachricht-
Von: mailop Im Auftrag von Marco Moock via mailop
Gesendet: Donnerstag, 15. August 2024 14:51
An: mailop@mailop.org
Cc: Kurt Jaeger
Be
Am 15.08.2024 um 15:07:40 Uhr schrieb Kurt Jaeger via mailop:
> Changed, tested, works. Thanks very much, this is a very special
> corner case -- that it will look up the SPF record for the rerverse
> DNS hostname was surprising.
Technically, it will lookup the name in the EHLO/HELO.
Make sure th
Am 15.08.2024 um 13:02:36 Uhr schrieb Fehlauer, Norbert via mailop:
> Wouldn't DKIM signing the OOF messages help? That way the
> authentication at gmail's side would not fail.
Sometimes true, but Google changed its policies and now require DKIM and
SPF for "bulk senders".
I dunno if they are con
Hi!
> Wouldn't DKIM signing the OOF messages help?
I tried that (see discussion on exim-users list), and no, it did not help.
https://lists.exim.org/lurker/thread/20240815.084640.af299dec.en.html
> That way the authentication at gmail's side would not fail.
That's what I assumed from the initi
Dnia 14.08.2024 o godz. 16:30:23 Dave Crocker via mailop pisze:
>
> That is why I was careful not to argue against timeouts, per se, but
> merely not to consider expected distance as a factor.
>
> There are a number of reasons for needing timeouts. And the choice
> of how long or short one shoul
On 8/15/2024 10:27 AM, Jaroslaw Rafa via mailop wrote:
Well... yes and no 🙂. The famous case of "500 mile email" is always worth
to mention...
https://www.ibiblio.org/harris/500milemail.html
The story is wonderful. I enjoy it every time it surfaces. However it
is also irrelevant to the curre
16 matches
Mail list logo
