Solved

Problems With SPF and GMAIL

Posted on 2008-10-31
11
1,562 Views
Last Modified: 2013-12-18
Hi All
I am getting the following in GMAIL

Received-SPF: neutral (google.com: xx.xx.xx.xx.18 is neither permitted nor denied by best guess record for domain of me@news.mydomain.com) client-ip=xx.xx.xx.xx.18;

My SPF record is:
"v=spf1 ip4:xx.xx.xx.0/24 a mx a:news.mydomain.com a:mydomain.com mx:news.mydomain.com mx:mydomain.com  ~all"

Any clues ?

Thanks
0
Comment
Question by:http:// thevpn.guru
  • 6
  • 4
11 Comments
 
LVL 26

Expert Comment

by:jar3817
ID: 22848912
Looks ok, maybe google had trouble resolving it. That is a TXT record for your domain in public dns? Have you queried all authoritative servers to see if they all give the same answer?
0
 
LVL 19

Author Comment

by:http:// thevpn.guru
ID: 22848980
Can you present a sample dig to try ? Please
0
 
LVL 26

Expert Comment

by:jar3817
ID: 22849323
dig @1.2.3.4 -t txt news.mydomain.com

Do this for each nameserver (changing the 1.2.3.4 to the ip or hostname of the dns server.
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 19

Author Comment

by:http:// thevpn.guru
ID: 22849425
Strange I got

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 53051
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0


I.e. SERVFAIL
0
 
LVL 19

Author Comment

by:http:// thevpn.guru
ID: 22849534
OK fixed that now I am getting back the correct authorative answer on both servers.
0
 
LVL 26

Expert Comment

by:jar3817
ID: 22850229
That was most likely your problem. Try sending email again and see if gmail sees the record now.
0
 
LVL 19

Author Comment

by:http:// thevpn.guru
ID: 22850654
Still same issue.
I am testing with http://www.kitterman.com/spf/validate.html


I get
Results - record processed without error.

The result of the test (this should be the default result of your record) was, ambiguous . The explanation returned was, SPF Ambiguity Warning: No MX records found for mx mechanism: news.mydomain.com

However a dig @x.y.z.c -t MX news.mydomain.com

Does correctly retrieve the MX record.



0
 
LVL 26

Accepted Solution

by:
jar3817 earned 250 total points
ID: 22857502
Did you try the MX lookup on all your nameservers?
0
 
LVL 19

Author Comment

by:http:// thevpn.guru
ID: 22857524
Yeah I do have two I tried the dig on both
The MX record is being returned correctly for mydomian.com but not for news.mydomain.com
0
 
LVL 13

Assisted Solution

by:Xyptilon2
Xyptilon2 earned 250 total points
ID: 22865361
Does your news.mydomain.com have it's own zone file perhaps?
0
 
LVL 19

Author Comment

by:http:// thevpn.guru
ID: 22865374
I have one zone called mydomain.com and the subdomain is simply an A record in the same zone file and the MX record for the subdomain is also within the zone of the parent.

At current time if I do a spf check it works for the parent domain but not for the subdomain.

If I do a dig directly on both of my DNS servers both return correct values for the MX records of mydomain.com and news.mydomain.com however only tools do not show the MX record for the subdomain.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question