SPF false positive…?
snan opened this issue · 7 comments
Someone emailed me, saying
Also, your message failed SPF for domain "idiomdrottning.org" and was routed to my spam folder, not my inbox. (As well as being hit with a 326 second greylist delay.)
Actually that's odd. Manually checking SPF, it should pass.
Received: from halsen.idiomdrottning.org (halsen.idiomdrottning.org [74.207.231.133])
Yeah. IP of 74.207.231.133.
SPF authorized IP address... 74.207.231.133 via MX dereference.
I honestly don't know. I guess opendmarc just doesn't like your domain since everything else works just fine.
I don't understand this stuff very well. Is there something wrong?
(That person was me)
I see a few other issues here that reference some diagreeements between OpenDMARC and other SPF check scripts (like policyd-spf), where this thinks an SPF should fail, and something else says it should pass.
The only thing I see that's different about this email exchange is the use of UTF-8 SMTP, but I highly doubt that should actually cause an issue.
Also, technically this is a false negative. If someone wants the details:
SPF record for idiomdrottning.org: "v=spf1 mx a ~all;"
MXes for idiomdrottning.org: halsen.idiomdrottning.org
Addresses in question:
halsen.idiomdrottning.org: 74.207.231.133idiomdrottning.org: 74.207.231.133
MTA: Postfix
MUA: Delta Chat
It could be some IPv6 related issue, too…?
Not even possible. My network literally doesn't have IPv6 support (blame my ISP)
Note: is that trailing semicolon valid SPF?
Confirmed, it was not.
Not an OpenDMARC bug, bad SPF record. Though a lack of warning about malformed SPF makes that hard to debug.
The issue was indeed the trailing semicolon. Fixed on my end. If you guys wanna Postel that or not is up to you (I'd say yeah, but I don't really care that much).
(Edit: Also, apologies for wasting your time with this.)