
SPF fails if DNS refuses Type99 queries

REW Steven

Guest
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Parallels Plesk Panel version 9.5.4
Operating system Linux 2.6.9-89.0.29.ELsmp
Red Hat Enterprise Linux ES release 4 (Nahant Update 8) 32bit
psa-spf2-1.2.9-10071607

# spfquery -version
spfquery version information:
SPF test system version: 3.0
Compiled with SPF library version: 1.2.9
Running with SPF library version: 1.2.9

PROBLEM DESCRIPTION AND STEPS TO REPRODUCE

The spfquery tool will fail if the domain's DNS server refuses to respond to Type99 or SPF DNS queries.

# spfquery -ip=204.187.151.130 [email protected] -helo=smtpmail.canwest.com

ACTUAL RESULT

StartError
Context: Failed to query MAIL-FROM
ErrorCode: (26) DNS lookup failure
Error: Temporary DNS failure for 'nanaimodailynews.com'.
EndError
(invalid)

EXPECTED RESULT

none
smtpmail.canwest.com: No applicable sender policy available
smtpmail.canwest.com: No applicable sender policy available
Received-SPF: none (smtpmail.canwest.com: No applicable sender policy available) receiver=web1.rewhosting.com; identity=helo; helo=smtpmail.canwest.com; client-ip=204.187.151.130

ANY ADDITIONAL INFORMATION

Running a tcpdump during the execution of spfquery shows the following:

12:18:32.783588 IP 192.168.1.114.54175 > 72.3.128.241.domain: 16809+ Type99? nanaimodailynews.com. (38)
12:18:37.784055 IP 192.168.1.114.38262 > 72.3.128.240.domain: 16809+ Type99? nanaimodailynews.com. (38)
12:18:42.785299 IP 192.168.1.114.54175 > 72.3.128.241.domain: 16809+ Type99? nanaimodailynews.com. (38)
12:18:47.785578 IP 192.168.1.114.38262 > 72.3.128.240.domain: 16809+ Type99? nanaimodailynews.com. (38)

So it's trying to get an answer for Type99 (which is not supported by the nameservers of nanaimodailynews.com) and never moves on to checking TXT records.

Running spfquery against our own name servers works fine since they respond to Type99 queries with no answers.

We also have the problem with a domain that has an SPF record in a TXT record, but their DNS server fails for Type99 queries.

12:03:35.024881 IP 192.168.1.114.43936 > 72.3.128.241.domain: 27062+ Type99? academymortgage.com. (37)
12:03:35.093737 IP 72.3.128.241.domain > 192.168.1.114.43936: 27062 ServFail 0/0/0 (37)
12:03:35.093808 IP 192.168.1.114.58522 > 72.3.128.240.domain: 27062+ Type99? academymortgage.com. (37)
12:03:35.165717 IP 72.3.128.240.domain > 192.168.1.114.58522: 27062 ServFail 0/0/0 (37)
12:03:35.165778 IP 192.168.1.114.43633 > 72.3.128.241.domain: 27062+ Type99? academymortgage.com. (37)
12:03:35.238770 IP 72.3.128.241.domain > 192.168.1.114.43633: 27062 ServFail 0/0/0 (37)
12:03:35.238825 IP 192.168.1.114.54589 > 72.3.128.240.domain: 27062+ Type99? academymortgage.com. (37)
12:03:35.303719 IP 72.3.128.240.domain > 192.168.1.114.54589: 27062 ServFail 0/0/0 (37)
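
Added example (not part of the original post or of spfquery): a small Python parser that reads tcpdump text in the format shown above and reports, per domain, how each Type99 lookup ended, which makes the two failure modes in the report (no reply at all versus ServFail) easy to spot in a longer capture. The function name `classify_type99` and the `timeout` label are assumptions of this example; the sample lines are copied from the captures in the post.

```python
import re

# Sample lines copied from the two tcpdump captures in the post above.
CAPTURE = """\
12:18:32.783588 IP 192.168.1.114.54175 > 72.3.128.241.domain: 16809+ Type99? nanaimodailynews.com. (38)
12:18:37.784055 IP 192.168.1.114.38262 > 72.3.128.240.domain: 16809+ Type99? nanaimodailynews.com. (38)
12:18:42.785299 IP 192.168.1.114.54175 > 72.3.128.241.domain: 16809+ Type99? nanaimodailynews.com. (38)
12:03:35.024881 IP 192.168.1.114.43936 > 72.3.128.241.domain: 27062+ Type99? academymortgage.com. (37)
12:03:35.093737 IP 72.3.128.241.domain > 192.168.1.114.43936: 27062 ServFail 0/0/0 (37)
12:03:35.093808 IP 192.168.1.114.58522 > 72.3.128.240.domain: 27062+ Type99? academymortgage.com. (37)
12:03:35.165717 IP 72.3.128.240.domain > 192.168.1.114.58522: 27062 ServFail 0/0/0 (37)
"""

# client.port > resolver.domain: txid[+] QTYPE? name.
QUERY = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.domain: (\d+)\+? (\w+)\? (\S+?)\. ")
# resolver.domain > client.port: txid[flags] RCODE-or-counts
REPLY = re.compile(r"IP (\S+)\.domain > (\S+)\.(\d+): (\d+)[^\s\d]* (\S+)")


def classify_type99(capture):
    """Return {domain: sorted outcomes} for Type99 lookups in tcpdump text."""
    pending = {}   # (resolver, client, port, txid) -> queried name
    outcomes = {}  # name -> set of outcomes seen
    for line in capture.splitlines():
        q = QUERY.search(line)
        if q:
            client, port, resolver, txid, qtype, name = q.groups()
            if qtype == "Type99":
                # A retransmit reuses the same key, so it stays one entry.
                pending[(resolver, client, port, txid)] = name
                outcomes.setdefault(name, set())
            continue
        r = REPLY.search(line)
        if r:
            resolver, client, port, txid, token = r.groups()
            name = pending.pop((resolver, client, port, txid), None)
            if name is not None:
                # tcpdump prints the RCODE name only when it is not NoError;
                # otherwise the next token is the answer counts, e.g. 0/1/0.
                outcomes[name].add(token if token[0].isalpha() else "NoError")
    # Queries still pending at the end of the capture never got a reply.
    for name in pending.values():
        outcomes[name].add("timeout")
    return {name: sorted(seen) for name, seen in outcomes.items()}


if __name__ == "__main__":
    for domain, seen in classify_type99(CAPTURE).items():
        print(domain, ", ".join(seen))
```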