Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. SPF>
  3. Discuss
Email messages that are extremely un helpful...
gerberb at zenez
Jul 31, 2008, 9:01 AM
Post #1 of 12 (5083 views)
Permalink
Hello,

Today I received and email telling me I need SPF records. But with no
information. I sent an email back requesting headers but nothing came
back. This is worse than having no SPF. It really is spamming me. Below
is the email. I have SPF records that expect failures. What are they
talking about. One area, that I think SPF missed was CNAME. I have tons
of host/domain pairs with CNAME. I really dislike having to change every
CNAME into an A record.

--
Boyd Gerber <gerberb@zenez.com>
ZENEZ 1042 East Fort Union #135, Midvale Utah 84047


---------------------Bogus-SPF-Email----------------------------------
From spfrequired@cyberglobe.net Thu Jul 31 02:08:00 2008
Date: Thu, 31 Jul 2008 04:08:31 -0400
From: spfrequired@cyberglobe.net
To: gerberb@zenez.com
Subject: URGENT: Your DNS is missing a SPF record.

Dear Domain Owner,

Please note that your domain name is currently missing a SPF record to
notify other mail servers that you only allow mail delivery from your
specified mail servers.

On the 1st of January 2009, our mail server will be rejecting any mail
from domains that do not have a SPF record. Currently we see that your
domain name does not have a SPF record and therefore you are receiving
this message. If you do not manage your domain name, please contact your
Network Administrator, Internet Service Provider or Web Hosting Provider
and request them to add the SPF records within the DNS records for all
your domain names.

To fix this, please visit http://www.openspf.org and use the wizard that
is available there to assist you in creating your DNS TXT SPF record.
Once created, add this entry into your DNS management for your domain.

Until your SPF record are updated, you will be receiving this message each
day, until the 1st of January 2009, for each daily message you send to our
clients. When we reach January 2009, and you still have not fixed your
DNS TXT SPF records, your messages will no longer be received by our
clients.

Thank you for your understanding,
Cyberglobe Technical Support.
---------------------Bogus-SPF-Email----------------------------------



-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
Re: Email messages that are extremely un helpful... [ In reply to ]
scott at kitterman
Jul 31, 2008, 9:40 AM
Post #2 of 12 (4983 views)
Permalink
On Thursday 31 July 2008 12:01, Boyd Lynn Gerber wrote:
> Hello,
>
> Today I received and email telling me I need SPF records. But with no
> information. I sent an email back requesting headers but nothing came
> back. This is worse than having no SPF. It really is spamming me. Below
> is the email. I have SPF records that expect failures. What are they
> talking about. One area, that I think SPF missed was CNAME. I have tons
> of host/domain pairs with CNAME. I really dislike having to change every
> CNAME into an A record.

SPF works fine with CNAMES. If their implementation can't follow the CNAME,
then it's broken (I coded part of the CNAME support in pyspf and I know other
libraries support it too).

Scott K


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
Re: Email messages that are extremely un helpful... [ In reply to ]
gerberb at zenez
Jul 31, 2008, 9:53 AM
Post #3 of 12 (4983 views)
Permalink
On Thu, 31 Jul 2008, Scott Kitterman wrote:
> On Thursday 31 July 2008 12:01, Boyd Lynn Gerber wrote:
> > Hello,
> >
> > Today I received and email telling me I need SPF records. But with no
> > information. I sent an email back requesting headers but nothing came
> > back. This is worse than having no SPF. It really is spamming me. Below
> > is the email. I have SPF records that expect failures. What are they
> > talking about. One area, that I think SPF missed was CNAME. I have tons
> > of host/domain pairs with CNAME. I really dislike having to change every
> > CNAME into an A record.
>
> SPF works fine with CNAMES. If their implementation can't follow the CNAME,
> then it's broken (I coded part of the CNAME support in pyspf and I know other
> libraries support it too).

I know pyspf supports it. I just do not understand where this came from.
The only thing I could find was that maybe a CNAME was being used. But a
dig did give me the apporiate TXT record which should have allowed them to
get an SPF fail.

I know, but today I have had about 30 emails telling me about lacking SPF
records. I really think there are broken libraries or something. I
finally went in and change 200 CNAMES to A records late yesterday.
People really need to provide headers rather than spamming. The email
really is a spam. No substance what's so ever. Broad general statements.
I have had SPF records from the very start. So this just really upsets
me. I use -all to fail any message not allowed by my record. I just
notice a coupld of emails claiming you can no use a ? before entries
before -all. Which according to RFC 4408 is reasonable. They must really
have a broken library, that does not follow the spec in any way shape or
form. I really do not know what they are talking about. Without headers
I am shooting in the dark at a problem I really should not have.

Thanks,

--
Boyd Gerber <gerberb@zenez.com>
ZENEZ 1042 East Fort Union #135, Midvale Utah 84047


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
Re: Email messages that are extremely un helpful... [ In reply to ]
scott at kitterman
Jul 31, 2008, 10:03 AM
Post #4 of 12 (4985 views)
Permalink
On Thursday 31 July 2008 12:53, Boyd Lynn Gerber wrote:
> On Thu, 31 Jul 2008, Scott Kitterman wrote:
> > On Thursday 31 July 2008 12:01, Boyd Lynn Gerber wrote:
> > > Hello,
> > >
> > > Today I received and email telling me I need SPF records. But with no
> > > information. I sent an email back requesting headers but nothing came
> > > back. This is worse than having no SPF. It really is spamming me.
> > > Below is the email. I have SPF records that expect failures. What are
> > > they talking about. One area, that I think SPF missed was CNAME. I
> > > have tons of host/domain pairs with CNAME. I really dislike having to
> > > change every CNAME into an A record.
> >
> > SPF works fine with CNAMES. If their implementation can't follow the
> > CNAME, then it's broken (I coded part of the CNAME support in pyspf and I
> > know other libraries support it too).
>
> I know pyspf supports it. I just do not understand where this came from.
> The only thing I could find was that maybe a CNAME was being used. But a
> dig did give me the apporiate TXT record which should have allowed them to
> get an SPF fail.
>
> I know, but today I have had about 30 emails telling me about lacking SPF
> records. I really think there are broken libraries or something. I
> finally went in and change 200 CNAMES to A records late yesterday.
> People really need to provide headers rather than spamming. The email
> really is a spam. No substance what's so ever. Broad general statements.
> I have had SPF records from the very start. So this just really upsets
> me. I use -all to fail any message not allowed by my record. I just
> notice a coupld of emails claiming you can no use a ? before entries
> before -all. Which according to RFC 4408 is reasonable. They must really
> have a broken library, that does not follow the spec in any way shape or
> form. I really do not know what they are talking about. Without headers
> I am shooting in the dark at a problem I really should not have.
>
Sounds like it. AFAIK all the open source libraries support it.

IMO it's premature to reject mail from domains without SPF records and
spammers can get SPF records too, so I suspect their plan is not going to
give them the results they had hoped for (and that's without the bugs).

Personally, I haven't gotten any of these.

Scott K


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
RE: [spf-discuss] Email messages that are extremely un helpful... [ In reply to ]
DevinG at 3sharp
Jul 31, 2008, 11:25 AM
Post #5 of 12 (4402 views)
Permalink
Boyd Lynn Gerber wrote:

> On Thu, 31 Jul 2008, Scott Kitterman wrote:

>> SPF works fine with CNAMES. If their implementation can't follow
>> the CNAME, then it's broken (I coded part of the CNAME support in
>> pyspf and I know other libraries support it too).

> I know pyspf supports it. I just do not understand where this came
> from. The only thing I could find was that maybe a CNAME was being
> used. But a dig did give me the apporiate TXT record which should
> have allowed them to get an SPF fail.

It depends on exactly where're you're using the CNAMEs. Say your main domain is bar.tld and it looks like:

@ORIGIN bar.tld
A 192.168.1.1
MX 10 mail.bar.tld
mail A 192.168.1.1
mail MX 10 mail.bar.tld
alias CNAME mail.bar.tld

If you have the domain foo.tld and it has

@ORIGIN foo.tld
CNAME bar.tld

then you're good.

If you have both a CNAME for foo.tld *and* an MX record:

@ORIGIN foo.tld
CNAME bar.tld
MX 10 mail.bar.tld

then your zone isn't RFC-compliant; you can't have CNAME co-exist with A, MX, or other types of RRs at the same domain level.

If you have this for foo.tld:

@ORIGIN foo.tld
A 192.168.1.1
MX 10 alias.bar.tld

then your zone isn't RFC-compliant; you must point an MX record to an A record, not a CNAME record.

None of these issues are SPF-specific, however, so it doesn't change the fact that whatever notification messages you're getting are very messed up.

--
Devin L. Ganger, Exchange MVP Email: deving@3sharp.com
3Sharp Phone: 425.882.1032
14700 NE 95th Suite 210 Cell: 425.239.2575
Redmond, WA 98052 Fax: 425.558.5710
(e)Mail Insecurity: http://blogs.3sharp.com/blog/deving/


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
Re: Email messages that are extremely un helpful... [ In reply to ]
hmdmhdfmhdjmzdtjmzdtzktdkztdjz at gmail
Jul 31, 2008, 12:05 PM
Post #6 of 12 (4973 views)
Permalink
Boyd Lynn Gerber wrote:

> It really is spamming me.

Maybe report the UBE as spam, especially if it
violates RFC 3834.

> One area, that I think SPF missed was CNAME.

Why do you think that ? AFAIK SPF doesn't say
"don't follow CNAME", that is a rule in 2821bis
about MX.

>| On the 1st of January 2009, our mail server
>| will be rejecting any mail from domains that
>| do not have a SPF record.

IMO they'd better publish their future receiver
policy on a web page, and use its URL in their
future 5xx reject status codes.

Just "having" an SPF record could be a useless
"v=spf1 ?all" always NEUTRAL policy, this is by
definition the same as NONE (no policy).

>| Until your SPF record are updated, you will
>| be receiving this message each day, until
>| the 1st of January 2009, for each daily
>| message you send to our clients.

Sigh, the one thing that is always worse than
spam are wannabe-anti-spammers. You say you
have a policy, so is that s/wannabe/clueless/ ?

Frank



-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
RE: Email messages that are extremely un helpful... [ In reply to ]
DevinG at 3sharp
Jul 31, 2008, 12:25 PM
Post #7 of 12 (4970 views)
Permalink
Boyd Lynn Gerber wrote:

> On Thu, 31 Jul 2008, Scott Kitterman wrote:

>> SPF works fine with CNAMES. If their implementation can't follow
>> the CNAME, then it's broken (I coded part of the CNAME support in
>> pyspf and I know other libraries support it too).

> I know pyspf supports it. I just do not understand where this came
> from. The only thing I could find was that maybe a CNAME was being
> used. But a dig did give me the apporiate TXT record which should
> have allowed them to get an SPF fail.

It depends on exactly where're you're using the CNAMEs. Say your main domain is bar.tld and it looks like:

@ORIGIN bar.tld
A 192.168.1.1
MX 10 mail.bar.tld
mail A 192.168.1.1
mail MX 10 mail.bar.tld
alias CNAME mail.bar.tld

If you have the domain foo.tld and it has

@ORIGIN foo.tld
CNAME bar.tld

then you're good.

If you have both a CNAME for foo.tld *and* an MX record:

@ORIGIN foo.tld
CNAME bar.tld
MX 10 mail.bar.tld

then your zone isn't RFC-compliant; you can't have CNAME co-exist with A, MX, or other types of RRs at the same domain level.

If you have this for foo.tld:

@ORIGIN foo.tld
A 192.168.1.1
MX 10 alias.bar.tld

then your zone isn't RFC-compliant; you must point an MX record to an A record, not a CNAME record.

None of these issues are SPF-specific, however, so it doesn't change the fact that whatever notification messages you're getting are very messed up.

--
Devin L. Ganger, Exchange MVP Email: deving@3sharp.com
3Sharp Phone: 425.882.1032
14700 NE 95th Suite 210 Cell: 425.239.2575
Redmond, WA 98052 Fax: 425.558.5710
(e)Mail Insecurity: http://blogs.3sharp.com/blog/deving/


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
Re: Re: Email messages that are extremely un helpful... [ In reply to ]
gerberb at zenez
Jul 31, 2008, 12:42 PM
Post #8 of 12 (4980 views)
Permalink
On Thu, 31 Jul 2008, Frank Ellermann wrote:
> Boyd Lynn Gerber wrote:
> > One area, that I think SPF missed was CNAME.
>
> Why do you think that ? AFAIK SPF doesn't say
> "don't follow CNAME", that is a rule in 2821bis
> about MX.

Well, since I changed the 200 CNAMES and put an SPF record for each one of
them, I have not received very many Mail-Daemon responses. It could be
that the just finished a spam run or what ever email, they claimed I sent.
Yesterday, I received 10,000 Mail-Daemon responses for email, I did not
send. today I have only had about 10. The only change I made was the
CNAME's. In a few of the Mail-Daemon response they claim I could no use a
? in front of my mechanism's before my -all. All the ones I looked at had
ignored or not used the CNAME TXT record. They claimed for example that

?ip:67.91.130.5 and ?a:etrn.xmission.com were invalid. Also that
zenez.com did not have and SPF record. I admit it is a bit of a different
DNS record, but I have used zenez.com this way since 1990. So I really
doubt that is the problem.

> >| Until your SPF record are updated, you will
> >| be receiving this message each day, until
> >| the 1st of January 2009, for each daily
> >| message you send to our clients.
>
> Sigh, the one thing that is always worse than
> spam are wannabe-anti-spammers. You say you
> have a policy, so is that s/wannabe/clueless/ ?

I think they are a clueless wannable.

--
Boyd Gerber <gerberb@zenez.com>
ZENEZ 1042 East Fort Union #135, Midvale Utah 84047


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
Re: Re: Email messages that are extremely un helpful... [ In reply to ]
claire at marine-recruitment
Jul 31, 2008, 12:50 PM
Post #9 of 12 (4978 views)
Permalink
On 31/07/2008 20:05, Frank Ellermann wrote:
> Boyd Lynn Gerber wrote:
>
>
>> It really is spamming me.
>>
>
> Maybe report the UBE as spam, especially if it
> violates RFC 3834.
>
>
>> One area, that I think SPF missed was CNAME.
>>
>
> Why do you think that ? AFAIK SPF doesn't say
> "don't follow CNAME", that is a rule in 2821bis
> about MX.
>
>
>> | On the 1st of January 2009, our mail server
>> | will be rejecting any mail from domains that
>> | do not have a SPF record.
>>
>
> IMO they'd better publish their future receiver
> policy on a web page, and use its URL in their
> future 5xx reject status codes.
>
> Just "having" an SPF record could be a useless
> "v=spf1 ?all" always NEUTRAL policy, this is by
> definition the same as NONE (no policy).
>
>
>> | Until your SPF record are updated, you will
>> | be receiving this message each day, until
>> | the 1st of January 2009, for each daily
>> | message you send to our clients.
>>
>
> Sigh, the one thing that is always worse than
> spam are wannabe-anti-spammers. You say you
> have a policy, so is that s/wannabe/clueless/ ?
>
> Frank
>
>
I have received the same e-mail in the last couple of hours. It has no
headers but it does have all the links to the spf web site + listbox .com
The complete message + source is pasted below.

------------------------------------------------------------------------------

From - Thu Jul 31 17:09:03 2008
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Date: Thu, 31 Jul 2008 04:08:31 -0400
From: spfrequired@cyberglobe.net
To: gerberb@zenez.com
Subject: URGENT: Your DNS is missing a SPF record.

Dear Domain Owner,

Please note that your domain name is currently missing a SPF record to
notify other mail servers that you only allow mail delivery from your
specified mail servers.

On the 1st of January 2009, our mail server will be rejecting any mail
from domains that do not have a SPF record. Currently we see that your
domain name does not have a SPF record and therefore you are receiving
this message. If you do not manage your domain name, please contact your
Network Administrator, Internet Service Provider or Web Hosting Provider
and request them to add the SPF records within the DNS records for all
your domain names.

To fix this, please visit http://www.openspf.org and use the wizard that
is available there to assist you in creating your DNS TXT SPF record.
Once created, add this entry into your DNS management for your domain.

Until your SPF record are updated, you will be receiving this message each
day, until the 1st of January 2009, for each daily message you send to our
clients. When we reach January 2009, and you still have not fixed your
DNS TXT SPF records, your messages will no longer be received by our
clients.

Thank you for your understanding,
Cyberglobe Technical Support.
---------------------Bogus-SPF-Email----------------------------------



-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com

----------------------end-----------------------------------------

Claire


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
Re: Re: Email messages that are extremely un helpful... [ In reply to ]
gerberb at zenez
Jul 31, 2008, 1:34 PM
Post #10 of 12 (4981 views)
Permalink
On Thu, 31 Jul 2008, Claire Campbell wrote:
> I have received the same e-mail in the last couple of hours. It has no headers
> but it does have all the links to the spf web site + listbox .com
> The complete message + source is pasted below.

I had included the entire email. I was found below my signature inside of

---------------------Bogus-SPF-Email----------------------------------
---------------------Bogus-SPF-Email----------------------------------

--
Boyd Gerber <gerberb@zenez.com>
ZENEZ 1042 East Fort Union #135, Midvale Utah 84047


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
Re: Re: Email messages that are extremely un helpful... [ In reply to ]
scott at kitterman
Jul 31, 2008, 4:35 PM
Post #11 of 12 (4971 views)
Permalink
On Thursday 31 July 2008 15:50, Claire Campbell wrote:
...
> I have received the same e-mail in the last couple of hours. It has no
> headers but it does have all the links to the spf web site + listbox .com
> The complete message + source is pasted below.
...

This listbox footer makes me wonder if perhaps some of this isn't generated by
a member of the list. I seem to have misplaced my admin access to
spf-discuss. Someone who has it might want to see if anyone that might be
Cyberglobe Technical Support is subscribed.

Scott K


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
Re: Email messages that are extremely un helpful... [ In reply to ]
hmdmhdfmhdjmzdtjmzdtzktdkztdjz at gmail
Jul 31, 2008, 5:00 PM
Post #12 of 12 (4969 views)
Permalink
Scott Kitterman wrote:

> I seem to have misplaced my admin access to spf-discuss.

Not in my portfolio, never got a round tuit for HELP and
DISCUSS. And the activity on WEBMASTERS is rather low ;-)

But after Stuart's explanation s/ip:/ip4:/ plus a chance
that it's related to CNAME records still cached somewhere
maybe the problem goes away tomorrow.

Frank



-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal