From: | Tommy |
---|---|
Date: | 4/3/21 6:10 AM |
Topic: | Suggestion for SPF |
Type: | General Discussions |
Post a follow up |
Some domains,such as lenovo.com has 19 TXT records, dhl.com has 16 TXT records. For such domain,even the SPF is only one,but with some DNS query,it may have errors,or only return 4-6 txt records,which the SPF is not at the query result. In that case,the spf result will be missing spf. For example: nslookup -qt=txt dhl.com 180.76.76.76---->ERROR All above China DNS resturn error or only return 4-6 records back. Hope there will be a function having a config file at the config folder,such as spfrecord.dat,you can add some spf such as below format: lenovo.com|v=spf1 include:spf.messagelabs.com include:_netblocks.eloqua.com include:spf.protection.outlook.com ip4:72.32.45.225 ~all dhl.com|v=spf1 include:dpdhl._spf.dhl.com include:3a._spf.dhl.com include:3b._spf.dhl.com include:3c._spf.dhl.com include:3d._spf.dhl.com include:3e._spf.dhl.com include:3f._spf.dhl.com include:mrsc._spf.dhl.com include:e2ma.net include:spf.mandrillapp.com ~all It is just like SPF cache,i think it will be useful for such case. |
|
Top |
From: | Synametrics Support |
---|---|
Date: | 4/5/21 11:37 AM |
Topic: | Suggestion for SPF |
Type: | General Discussions |
Post a follow up |
I could certainly add a feature request for this. However, I don't think it is practical to manually add SPF records for third-party servers. Not only it is way too much tedious work initially, but you will also have to constantly keep them up to date as companies could change their SPF records anytime. An easier solution would be to use a DNS server that does not have this issue. |
|
Top |
From: | Tommy |
---|---|
Date: | 4/5/21 10:52 PM |
Topic: | Suggestion for SPF |
Type: | General Discussions |
Post a follow up |
Maybe DHL.COM has some limit for some dns server. As some only return few records,not all txt records,some was rejected to query at all. Query MX record no prpblem,only txt record. Once you have SPF record to dump all IPs,it seems no problem. So i think manually add such config file is useful at this case. |
|
Top |
From: | Synametrics Support |
---|---|
Date: | 4/6/21 9:24 AM |
Topic: | Suggestion for SPF |
Type: | General Discussions |
Post a follow up |
Why not change your DNS server and use one that does not have this issue? Are you not able to do that on your end? |
|
Top |
From: | Tommy |
---|---|
Date: | 4/7/21 12:13 AM |
Topic: | Suggestion for SPF |
Type: | General Discussions |
Post a follow up |
dhl.com already delete some useless TXT record,at the moment,only 5 TXT record total,seems no problem now. There are too many forged,virus,phishing email of DHL,so if SPF problem,maybe some email will be checked as clean. lenovo.com still no change until now,some foreign DNS is not so stable at China,maybe it is GFW issue? Not issue,most of case,we use Tecent 119.29.29.29,Aliyun 223.5.5.5,baidu 180.76.76.76 DNS. If there is such function to add SPF record to config file,that will be good. As this problem happens only at such domains having too many TXT records. |
|
Top |
From: | Tommy |
---|---|
Date: | 4/7/21 12:17 AM |
Topic: | Suggestion for SPF |
Type: | General Discussions |
Post a follow up |
If I change to use google,opendns and other,maybe there is some DNS query timeout issue,some other domains maybe have SPF checking issues...... So hope there will be such function at next build. |
|
Top |
From: | Tommy |
---|---|
Date: | 5/19/21 12:22 AM |
Topic: | Suggestion for SPF |
Type: | General Discussions |
Post a follow up |
icicibank.com has 13 txt record,with google dns and opendns query,sometime it only return 6 record,and the SPF not among the result,in that case,it will have problem with SPF,DMARC.
|
|
Top |
From: | Anonymous |
---|---|
Date: | 5/28/21 12:16 AM |
Topic: | Suggestion for SPF |
Type: | General Discussions |
Post a follow up |
walmart.com has 18 txt records. Will have same issue |
|
Top |