SPAM CHECK - SPF: it seems to fail without a reason
Problem reported by Gabriele Maoret - SERSIS - 9/29/2020 at 11:52 PM
Not A Problem
I have found that in SPAM CHECKS the SPF test often fails for no real reason. Example:

[2020.09.30] 07:01:04.256 [6594745] Running SPF check
[2020.09.30] 07:01:04.256 [6594745] SPF PermError. IP: 194.105.55.74, Sender: admin_meteotrentino.it@meteotrentino.it, FailReason: Multiple SPF records
[2020.09.30]     SPF Record: v=spf1 ip4:194.105.55.74 ip4:194.105.55.77 ~all
[2020.09.30] 07:01:04.256 [6594745] Finished SPF check; result = PermError


It seems to me that this check must be OK, instead it fails with PermError.

Why?

3 Replies

Reply to Thread
1
Sébastien Riccio Replied
Hello,

To be honest SM is handling it correctly here. The sender domain is bogus about SPF, it has two entries and this is not allowed.


So it's a SPF PermError and and when this happens it should be handled like there was no SPF for the domain.

Kind regards.
Sébastien Riccio
System & Network Admin

0
Gabriele Maoret - SERSIS Replied
Hi Sébastien! You are right...
It is my mistake not to have done the test in MXTOOLBOX before writing.

But this still leads to a problem of poor understanding of the LOG, as in the LOG you only see a single SPF entry and therefore it seems that the DNS configuration is correct and it is not clear why the SPF check goes wrong.
2
Sébastien Riccio Replied
Yes quite true. It does however says : FailReason: Multiple SPF records, what sent me to mxtoolbox to check if it was true :)

I think SM is not used to have multiple records so the log output of the spf records probably ends at the first "newline" therefore not showing the second record...

 Cheers
Sébastien Riccio
System & Network Admin

Reply to Thread