Solved

Problems With SPF and GMAIL

Posted on 2008-10-31
11
1,541 Views
Last Modified: 2013-12-18
Hi All
I am getting the following in GMAIL

Received-SPF: neutral (google.com: xx.xx.xx.xx.18 is neither permitted nor denied by best guess record for domain of me@news.mydomain.com) client-ip=xx.xx.xx.xx.18;

My SPF record is:
"v=spf1 ip4:xx.xx.xx.0/24 a mx a:news.mydomain.com a:mydomain.com mx:news.mydomain.com mx:mydomain.com  ~all"

Any clues ?

Thanks
0
Comment
Question by:http:// thevpn.guru
  • 6
  • 4
11 Comments
 
LVL 26

Expert Comment

by:jar3817
ID: 22848912
Looks ok, maybe google had trouble resolving it. That is a TXT record for your domain in public dns? Have you queried all authoritative servers to see if they all give the same answer?
0
 
LVL 19

Author Comment

by:http:// thevpn.guru
ID: 22848980
Can you present a sample dig to try ? Please
0
 
LVL 26

Expert Comment

by:jar3817
ID: 22849323
dig @1.2.3.4 -t txt news.mydomain.com

Do this for each nameserver (changing the 1.2.3.4 to the ip or hostname of the dns server.
0
 
LVL 19

Author Comment

by:http:// thevpn.guru
ID: 22849425
Strange I got

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 53051
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0


I.e. SERVFAIL
0
 
LVL 19

Author Comment

by:http:// thevpn.guru
ID: 22849534
OK fixed that now I am getting back the correct authorative answer on both servers.
0
Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

 
LVL 26

Expert Comment

by:jar3817
ID: 22850229
That was most likely your problem. Try sending email again and see if gmail sees the record now.
0
 
LVL 19

Author Comment

by:http:// thevpn.guru
ID: 22850654
Still same issue.
I am testing with http://www.kitterman.com/spf/validate.html


I get
Results - record processed without error.

The result of the test (this should be the default result of your record) was, ambiguous . The explanation returned was, SPF Ambiguity Warning: No MX records found for mx mechanism: news.mydomain.com

However a dig @x.y.z.c -t MX news.mydomain.com

Does correctly retrieve the MX record.



0
 
LVL 26

Accepted Solution

by:
jar3817 earned 250 total points
ID: 22857502
Did you try the MX lookup on all your nameservers?
0
 
LVL 19

Author Comment

by:http:// thevpn.guru
ID: 22857524
Yeah I do have two I tried the dig on both
The MX record is being returned correctly for mydomian.com but not for news.mydomain.com
0
 
LVL 13

Assisted Solution

by:Xyptilon2
Xyptilon2 earned 250 total points
ID: 22865361
Does your news.mydomain.com have it's own zone file perhaps?
0
 
LVL 19

Author Comment

by:http:// thevpn.guru
ID: 22865374
I have one zone called mydomain.com and the subdomain is simply an A record in the same zone file and the MX record for the subdomain is also within the zone of the parent.

At current time if I do a spf check it works for the parent domain but not for the subdomain.

If I do a dig directly on both of my DNS servers both return correct values for the MX records of mydomain.com and news.mydomain.com however only tools do not show the MX record for the subdomain.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Easy CSR creation in Exchange 2007,2010 and 2013
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now