Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. SPF>
  3. Help
Spencerstuart.com
luciano at vespaperitivo
Aug 1, 2008, 1:31 AM
Post #1 of 3 (3613 views)
Permalink
Hello,
I have a problem with the domain spencerstuart.com: my spf policy
demon (for postfix under linux) chokes with

Jul 31 19:05:38 baobab policyd-spf-fs[14969]: action=DUNNO Received-
SPF: pass (baobab.bilink.net: domain of spencerstuart.com designates
213.212.78.250 as permitted sender) client-ip=213.212.78.250; envelope-from=CCammareri@spencerstuart.com
; (ip=213.212.78.250 from=CCammareri@spencerstuart.com
helo=mx3.london.spencerstuart.com to=dcolombo@hotelmanin.it)
Jul 31 19:05:38 baobab policyd-spf-fs[14969]: IO Closed while reading,
exiting
Jul 31 19:05:38 baobab policyd-spf-fs[14969]: Terminating with result
0, Reincarnation: 3

I get a server configuration problem and the messages do not get in.
Their TXT record seems a bit strange to me, but I'm not a DNS expert:
# dig txt spencerstuart.com
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.5.0-P1 <<>> txt spencerstuart.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37613
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 2

;; QUESTION SECTION:
;spencerstuart.com. IN TXT

;; ANSWER SECTION:
spencerstuart.com. 1800 IN TXT "v=spf1 mx a
redirect=_spf.spencerstuart.com"
spencerstuart.com. 1800 IN TXT "This is Spencer Stuart and Associates
DNS Zone." "" "This zone contains proprietry information, and may"
"not be used for any purpose other than for locating" "public services
provided by Spencer Stuart." "" "If you believe you have recieved SPAM
from this domain, please contact abuse@spencerstuart.com" "For
questions about the Nameservers, or technical aspects of the service,
please contact hostmaster@spencerstuart.com" "" "For all questions
regarding the use of our web site, please use webmaster@spencerstuart.com
" "" "Many Thanks!" "" "Spencer Stuart Systems."

;; AUTHORITY SECTION:
spencerstuart.com. 1800 IN NS ns0.spencerstuart.com.
spencerstuart.com. 1800 IN NS ns1.sungardns.com.
spencerstuart.com. 1800 IN NS ns2.sungardns.com.
spencerstuart.com. 1800 IN NS ns1.spencerstuart.com.

;; ADDITIONAL SECTION:
ns1.sungardns.com. 6867 IN A 207.19.96.18
ns2.sungardns.com. 6867 IN A 208.16.208.20

;; Query time: 129 msec
;; SERVER: 212.45.144.3#53(212.45.144.3)
;; WHEN: Fri Aug 1 10:28:35 2008
;; MSG SIZE rcvd: 759

Is it just me, or there is something wrong with the disclaimer?

Thanks in advance for any clues,

luciano.
--
/"\ /Via A. Salaino, 7 - 20144 Milano (Italy)
\ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250
X AGAINST HTML MAIL / E-MAIL: posthamster@sublink.sublink.ORG
/ \ AND POSTINGS / WWW: http://www.mannucci.ORG/




-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com
Re: Spencerstuart.com [ In reply to ]
scott at kitterman
Aug 1, 2008, 4:54 AM
Post #2 of 3 (3530 views)
Permalink
On Fri, 1 Aug 2008 10:31:11 +0200 luciano mannucci
<luciano@vespaperitivo.it> wrote:
>Hello,
>I have a problem with the domain spencerstuart.com: my spf policy
>demon (for postfix under linux) chokes with
>
>Jul 31 19:05:38 baobab policyd-spf-fs[14969]: action=DUNNO Received-
>SPF: pass (baobab.bilink.net: domain of spencerstuart.com designates
>213.212.78.250 as permitted sender) client-ip=213.212.78.250;
envelope-from=CCammareri@spencerstuart.com
>; (ip=213.212.78.250 from=CCammareri@spencerstuart.com
>helo=mx3.london.spencerstuart.com to=dcolombo@hotelmanin.it)
>Jul 31 19:05:38 baobab policyd-spf-fs[14969]: IO Closed while reading,
>exiting
>Jul 31 19:05:38 baobab policyd-spf-fs[14969]: Terminating with result
>0, Reincarnation: 3
>
>I get a server configuration problem and the messages do not get in.
>Their TXT record seems a bit strange to me, but I'm not a DNS expert:
># dig txt spencerstuart.com
>;; Truncated, retrying in TCP mode.
>
>; <<>> DiG 9.5.0-P1 <<>> txt spencerstuart.com
>;; global options: printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37613
>;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 2
>
>;; QUESTION SECTION:
>;spencerstuart.com. IN TXT
>
>;; ANSWER SECTION:
>spencerstuart.com. 1800 IN TXT "v=spf1 mx a
>redirect=_spf.spencerstuart.com"
>spencerstuart.com. 1800 IN TXT "This is Spencer Stuart and Associates
>DNS Zone." "" "This zone contains proprietry information, and may"
>"not be used for any purpose other than for locating" "public services
>provided by Spencer Stuart." "" "If you believe you have recieved SPAM
>from this domain, please contact abuse@spencerstuart.com" "For
>questions about the Nameservers, or technical aspects of the service,
>please contact hostmaster@spencerstuart.com" "" "For all questions
>regarding the use of our web site, please use webmaster@spencerstuart.com
>" "" "Many Thanks!" "" "Spencer Stuart Systems."
>
>;; AUTHORITY SECTION:
>spencerstuart.com. 1800 IN NS ns0.spencerstuart.com.
>spencerstuart.com. 1800 IN NS ns1.sungardns.com.
>spencerstuart.com. 1800 IN NS ns2.sungardns.com.
>spencerstuart.com. 1800 IN NS ns1.spencerstuart.com.
>
>;; ADDITIONAL SECTION:
>ns1.sungardns.com. 6867 IN A 207.19.96.18
>ns2.sungardns.com. 6867 IN A 208.16.208.20
>
>;; Query time: 129 msec
>;; SERVER: 212.45.144.3#53(212.45.144.3)
>;; WHEN: Fri Aug 1 10:28:35 2008
>;; MSG SIZE rcvd: 759
>
>Is it just me, or there is something wrong with the disclaimer?
>
>Thanks in advance for any clues,
>
It's legally dubious, but not technically wrong. As a guess, does your policy server support
falling back to TCP? Perhaps it's choking on the incomplete data in the UDP
reply.

Scott K


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com
Re: Spencerstuart.com [ In reply to ]
hmdmhdfmhdjmzdtjmzdtzktdkztdjz at gmail
Aug 1, 2008, 11:02 AM
Post #3 of 3 (3488 views)
Permalink
luciano mannucci wrote:

> # dig txt spencerstuart.com
> ;; Truncated, retrying in TCP mode.

Interesting. "Something" between you and the rest of
the Net does not yet support EDNS0, and therefore this
"something" tried TCP (and with `dig` that worked).

Optionally (a MAY in RFC 4408) your SPF implementation
could refuse to handle that scenario (truncation), and
treat it as NONE (= no policy).

> spencerstuart.com. 1800 IN TXT "v=spf1 mx a
> redirect=_spf.spencerstuart.com"

It can also accept the TCP answer, and process this SPF
policy as specified (certainly not NONE).

> spencerstuart.com. 1800 IN TXT "This is Spencer Stuart
[... long sermon by Spencer Stuart skipped ...]

But it MUST NOT choke on this, hm, poetry... :-)

> Is it just me, or there is something wrong with the
> disclaimer?

Nothing wrong with the disclaimer. But you could tell
Spencer that some SPF implementations MAY ignore his
policy when the complete RR set (all TXT records) is
too long for UDP. This "might" be not what he wants.

Frank



-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal