Mailing List Archive: Multiple TXT Records good/bad?

Multiple TXT Records good/bad?

Jun 15, 2009, 6:08 PM

Post #1 of 4 (6971 views)

I have setup TXT records for SPF1 and SPF2/MFROM. I have been running this
way for quite a while, but only recently tried the tools at spf.org. I
receive the following result:

An SPF-enabled mail server rejected a message that claimed an envelope
sender address of moongate1.com.

An SPF-enabled mail server received a message from x01.moongate1.net
(71.163.47.79) that claimed an envelope sender address of moongate1.com.

The domain moongate1.com has authorized x01.moongate1.net (71.163.47.79) to
send mail on its behalf, so the message should have been accepted. It is
impossible for us to say why it was rejected.

Could I be causing the problem by having the second TXT record?

moongate1.com txt v=spf1 ip4:71.163.47.64/27 include:aspmx.googlemail.com
-all

moongate1.com txt v=spf2.0/mfrom ip4:71.163.47.64/27
include:aspmx.googlemail.com -all

I also have deny all spf records on all specific subdomains and the catch
all *.moongate1.com

*.moongate1.com txt v=spf1 -all

*.moongate1.com txt v=spf2.0/mfrom -all

I would like to hear expert opinions on the multiple records question as
well as having records on all subdomains.

Thank you,

David S. Roberts

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com

RE: Multiple TXT Records good/bad? [ In reply to ]

steve at teamITS

Jun 16, 2009, 7:22 AM

Post #2 of 4 (6814 views)

Permalink

David S Roberts wrote on 6/15/2009 8:08:24 PM:

> An SPF-enabled mail server rejected a message that claimed an envelope
> sender address of moongate1.com.
>
> An SPF-enabled mail server received a message from x01.moongate1.net
> (71.163.47.79) that claimed an envelope sender address of
moongate1.com.
>
> The domain moongate1.com has authorized x01.moongate1.net
(71.163.47.79) to
> send mail on its behalf, so the message should have been accepted. It
is
> impossible for us to say why it was rejected.
>
> Could I be causing the problem by having the second TXT record?

As long as they are different then only the right one is used.
Did you send a message to the test address and get a rejection result?

I think you have a typo in your Sender ID record though... I
don't think "v=spf2.0/mfrom" should have the "v=" in it. But that
shouldn't affect SPF lookups.

-----
SPF FAQ: http://www.openspf.org/FAQ
Common mistakes: http://www.openspf.org/FAQ/Common_mistakes

- Steve Yates
- ITS, Inc.
- What are you doing?!? The message is over. GO AWAY!

~ Taglines by Taglinator: www.srtware.com ~

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com

RE: Multiple TXT Records good/bad? [ In reply to ]

droberts4 at moongate1

Jun 16, 2009, 5:57 PM

Post #3 of 4 (6822 views)

Permalink

Steve,
Thank you for the heads-up on my syntax error with Sender ID!

I didn't send the test message myself, I used the tool at:
http://www.openspf.org/Why?show-form=1&identity=moongate1.com&ip-address=71.
163.47.79&.submit=Submit. I have corrected my syntax error on the Sender ID
records. I'll wait for the TTL (1 hour) to expire and retest to see if that
had some strange impact.

Thank you,
David

-----Original Message-----
From: Steve Yates [mailto:steve@teamITS.com]
Sent: Tuesday, June 16, 2009 10:22 AM
To: spf-help@v2.listbox.com
Subject: RE: [spf-help] Multiple TXT Records good/bad?

David S Roberts wrote on 6/15/2009 8:08:24 PM:

> An SPF-enabled mail server rejected a message that claimed an envelope
> sender address of moongate1.com.
>
> An SPF-enabled mail server received a message from x01.moongate1.net
> (71.163.47.79) that claimed an envelope sender address of
moongate1.com.
>
> The domain moongate1.com has authorized x01.moongate1.net
(71.163.47.79) to
> send mail on its behalf, so the message should have been accepted. It
is
> impossible for us to say why it was rejected.
>
> Could I be causing the problem by having the second TXT record?

As long as they are different then only the right one is used.
Did you send a message to the test address and get a rejection result?

I think you have a typo in your Sender ID record though... I
don't think "v=spf2.0/mfrom" should have the "v=" in it. But that
shouldn't affect SPF lookups.

-----
SPF FAQ: http://www.openspf.org/FAQ
Common mistakes: http://www.openspf.org/FAQ/Common_mistakes

- Steve Yates
- ITS, Inc.
- What are you doing?!? The message is over. GO AWAY!

~ Taglines by Taglinator: www.srtware.com ~

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com

RE: Multiple TXT Records good/bad? [ In reply to ]

steve at teamITS

Jun 17, 2009, 7:26 AM

Post #4 of 4 (6829 views)

Permalink

David S Roberts wrote on 6/16/2009 7:57:52 PM:

> I didn't send the test message myself, I used the tool at:
> http://www.openspf.org/Why

The form assumes you are entering the IP address of a mail
server that sent a message that was rejected, and you want to find out
why. Use the e-mail address at http://www.openspf.org/Tools to test.

-----
SPF FAQ: http://www.openspf.org/FAQ
Common mistakes: http://www.openspf.org/FAQ/Common_mistakes

- Steve Yates
- ITS, Inc.
- Computer science: solving today's problems tomorrow.

~ Taglines by Taglinator: www.srtware.com ~

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com