| Linode Forum https://forum.linode.com/ |
|
| SpamAssassin test says "SPF:HELO does not match SPF record" https://forum.linode.com/viewtopic.php?f=11&t=11660 |
Page 1 of 1 |
| Author: | dtrace [ Tue Mar 10, 2015 3:13 am ] |
| Post subject: | SpamAssassin test says "SPF:HELO does not match SPF record" |
I've got a single server with a single IP and I'm setting up a single domain at this time. I'll be adding a few more later on and want to send from them, but at the moment, I'm trying to properly configure SPF. It seems to be properly configured according to test via google, but testing via mail-tester.com says "SPF: HELO does not match SPF record (fail)" and points me to the page on the SPF site which says the following: "mail-tester.com rejected a message from a mail server claiming to be mars.domain.com. mail-tester.com received a message from mars.domain.com (xxx.xxx.xxx.xxx) from a mail server claiming to be mars.domain.com. However, the domain mars.domain.com has declared using SPF that it does not send mail through mars.domains.com (xxx.xxx.xxx.xxx). That is why the message was rejected." I've been reading the SPF documentation repeatedly and still can not exactly comprehend what is the correct syntax to use. Here is my current DNS. MX mars.domain.com 10 A xxx.xxx.xxx.xxx * xxx.xxx.xxx.xxx www xxx.xxx.xxx.xxx mars xxx.xxx.xxx.xxx TXT v=spf1 mx -all * v=spf1 -all www v=spf1 -all mars v=spf1 mx -all As far as I understand, I have told it "hostnames that appear in mx records and have a matching A record are allowed to send". Which, in this case, you can see it is... So exactly what is missing, here?! openspf's page is suggesting I change it to "v=spf1 mx a:mars.domain.com -all" which seems unnecessary. I already have mars.domain.com with an SPF record and an A record, which should match the "mx" part of the spf1 definition, right? |
|
| Author: | obs [ Tue Mar 10, 2015 5:42 am ] |
| Post subject: | Re: SpamAssassin test says "SPF:HELO does not match SPF reco |
You own mars.domain.com wow that's awesome! ....Seriously we can't help without your domain/ip. |
|
| Author: | dtrace [ Tue Mar 10, 2015 5:57 am ] |
| Post subject: | Re: SpamAssassin test says "SPF:HELO does not match SPF reco |
A placeholder IP and domain doesn't alter whether it is syntactically accurate or the behavior that the configuration should expect, but thank you. Regards. |
|
| Author: | obs [ Tue Mar 10, 2015 8:38 am ] |
| Post subject: | Re: SpamAssassin test says "SPF:HELO does not match SPF reco |
No but it does mean no one can dig your dns records to see if the spf record is actually correct. But if you don't want to make things easier for us then fine, people won't help. |
|
| Author: | Stever [ Tue Mar 10, 2015 12:02 pm ] |
| Post subject: | Re: SpamAssassin test says "SPF:HELO does not match SPF reco |
Quote: mars v=spf1 mx -all This line says that the only allowed sender from the domain mars.domain.com is the MX for mars.domain.com which doesn't seem to exist. There are several ways to fix depending on your intent for using mars as a subdomain, but you probably want to either create an MX for mars.domain.com or change the "mx" to "a" in this line of the SPF. |
|
| Page 1 of 1 | All times are UTC-04:00 |
| Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |
|