SPF_PermError with one include failing
Question asked by Robbie Wright - 3/25/2016 at 7:06 AM
One of hour hosted email clients has their bank sending them email. The bank has what appears to be a valid SPF record, which some tools will say is valid, but one of the includes in the SPF record has no valid SPF record for it. All the ip4 stuff is fine, a few other include records are fine, under 10 DNS lookups, etc, but this one invalid include in cause SM to PermError and send to spam.
I'm not an RFC specialist and it looks like this is a gray area anyway since some tools will give this record a pass and others will fail. Any insight on if SPF should perm_fail if one of the includes is invalid?

1 Reply

Reply to Thread
Henry Timmes Replied
Yeah, this is a gray area. I seen SPF Validated in two different ways.

1) Some places validate the entire SPF Record.
2) Some places will validate the SPF Record in order and once a match is found - they disregard the rest of it.

But based on what you are describing, the syntax is valid. So I would think this is a bug.

Reply to Thread