SPF softfail
FIXED- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- :
- Re: SPF softfail
16-03-2019 10:45 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I'm sending emails to a Google account via the plusnet SMTP server from an email address registered with another ISP.
The received message header contains this warning:
Received-SPF: softfail (google.com: domain of transitioning myemailaddress does not designate
84.93.230.235 as permitted sender) client-ip=84.93.230.235; Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning myemailaddress does not designate 84.93.230.235 as permitted sender)
Can I add a DNS record to my other domain that will recognise plusnet as a permitted sender, if so how?
Thanks,
Mike
Fixed! Go to the fix.
16-03-2019 10:50 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Plusnet say they don't officially support SPF, but do have a record published from their early days that seems to still work ok.
In the DNS zone for your own domain try adding a TXT record:
v=spf1 include:madasafish.com
Re: SPF softfail
16-03-2019 11:00 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thanks, I will try that
Mike
Re: SPF softfail
16-03-2019 11:47 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Moderators Note
This topic has been moved from ADSL Broadband to eMail
If it helped click the thumb
If it fixed it click 'This fixed my problem'
Re: SPF softfail
16-03-2019 12:00 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@ccarmock wrote:
Plusnet say they don't officially support SPF, but do have a record published from their early days that seems to still work ok.
In the DNS zone for your own domain try adding a TXT record:
v=spf1 include:madasafish.com
I think that there might be some confusion here.
Plusnet do not support the addition of DNS TXT records (including SPF configurations) for domains hosted on PLUSNET's name servers. So if yourdomain.co.uk is hosted on your Plusnet account then it is not possible to configure a SPF record.
I read the OP as stating that the email address in question is that of another ISP's - in which case what Plusnet does of does not support in respect of SPF has no impact. If the user's ISP permits the configuration of TXT records on their DNS (name server) then setting up a text record as described will do what they want.
What is of interest here is why does the user want to relay a third party address via PlusNet's SMTP servers, rather than using the "home" SMTP for that address?
In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.
Re: SPF softfail
16-03-2019 12:47 PM - edited 16-03-2019 12:49 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Elsewhere in the forums it states that Plusnet do not officially publish an SPF for mail routed through their SMTP relay (whichis a bit of an omission in my view), however they previously they did.
My interpretation of what the OP is trying to do is use Plusnet's SMTP relays for a domain that he has DNS hosting for held elsewhere. When he relays via Plusnet's SMTP he is seeing an SFP softfail.
As the assumption is he can add a DNS TXT entry elsewhere then what he needs to do is ensure Plusnet's SMTP servers are covered by that SPF record that he can create/edit, and he can designate Plusnet SMTP servers as authorised to send mail for his domain.
The point made elsewhere on the forums is that you have to use the madasafish SPF rather than one under the plus.net zone.
It would be quite possible to have a domain registration only with a company without taking SMTP relay services. That might be the setup the OP has, and hence wants to use his ISP's SMTP relay service - ie Plusnet.
Re: SPF softfail
16-03-2019 2:11 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Elsewhere in the forums it states...
A link would be helpful please.
In the context described PlusNet's support or not for SPF has no bearing on the matter.
If the user has the ability to set up a TXT SPF record in their domain's name server (referring to Plusnet or any other SMTP) then it will work irrespective of Plusnet's declared functionality. SPF checking is performed by the receiving MX not the sending MX.
In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.
Re: SPF softfail
16-03-2019 3:15 PM - edited 16-03-2019 3:23 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Stated by Gandalf here
I don't fully agree that it has no bearing on the OPs question - see below, but the solution I provided should work in this case. As you rightly say SPF checking is done by the destination system.
What I do find slightly odd is Plusnet's own position on this, which I interpret as 'we don't publish an SPF for our SMTP relay service'. However as has been said there is a published SPF for mail relaying through Plusnet's in the madasafish.com domain.
So the correct way to do this is create an SPF record in the OPs domain that uses the include: syntax I provided. I believe Plusnet should officially maintain and therefore support an SPF for their SMTP relay service, which they update if any of the IP addresses of the SMTP service change, or they add additional hosts. That way anyone using include: in their own SPF will be safe.
Using the old, semi defunct, Madasafish domain doesn't seem to be good practice.
Re: SPF softfail
16-03-2019 9:30 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
If you read the whole of that topic, where the other SUs have sought to clarify matters, Gandalf was confusing what PLUSNET's name severs (DNS configuration interface) does or does not facilitate, which is not the same thing. Plusnet does not support SPF specification for hosted domains or the naked account domain.
As per further down that topic, the reference to madasafish.com is a catch all for all of PN's SMTP servers.
I reiterate, to do what the OP is requesting it matters not if Plusnet does or does not support SPF in any way in respect of the question asked.
In a very different context Plusnet has sought to implement SPF records for all myaccount.plus.com domains … but Gmail threw and even bigger paddy-fit than the one they are seeking to resolve.
In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.
Re: SPF softfail
17-03-2019 10:11 AM - edited 17-03-2019 10:25 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thanks everyone for your input to my question.
The simple reason that I'm using plusnet's server to send emails from another domain is that I need to send out emails from that address to members of a club The distribution list has 80 addresses but the other domain (Freeparking) only allows 50 per email whereas plusnet allows 200 I believe.
So I needed to know how to modify the Freeparking DNS records and I think you have given me the answer.
I will try it today and let you know if it works.
Mike
PS: I just found this helpful utility: spf.zone
Re: SPF softfail
17-03-2019 11:26 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Sorry, another question!
The existing Freeparking TXT record is:
"v=spf1 redirect=_spf.mailhostbox.com" with TTL = 38400.
If I understand the advice given correctly, I should change this to:
"v=spf1 include:madasafish.com include:_spf.mailhostbox.com ~all"
Do I have to wait for TTL to expire before seeing any change?
Thanks
Mike
Re: SPF softfail
17-03-2019 11:32 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Yes that should work.
You don't need to wait for the TTL to expire. The significance of the TTL here is that some systems that have cached your SPF entry can wait up to the TTL expiry before looking up the record again. So the sooner you make the change the sooner your update will propagate.
Re: SPF softfail
17-03-2019 11:37 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
All I am saying is that is is not unreasonable to expect Plusnet to publish and maintain an SPF record for their SMTP relay service. Given the Madasafish was an acquisition some time ago I would question that as the logical place to maintain it. I would have thought under the plus.net hierarchy would be a better place.
That was not clarified in the thread I linked to, just that someone suggested Plusnet *might* maintain the madasafish one if they made any changes, but no one from Plusnet confirmed that.
Re: SPF softfail
17-03-2019 3:07 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Including madasafish didn't fix the problem. I still get this warning from the receiving Gmail account:
ARC-Authentication-Results: i=1; mx.google.com; spf=softfail (google.com: domain of transitioning fromaddress does not designate 212.159.14.19 as permitted sender) smtp.mailfrom=fromaddress Return-Path: <fromaddress> Received: from avasout04.plus.net (avasout04.plus.net. [212.159.14.19]) by mx.google.com with ESMTPS id o9si3905685wrq.107.2019.03.17.07.48.30 for <destination@gmail.com> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 17 Mar 2019 07:48:30 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning fromaddress does not designate 212.159.14.19 as permitted sender) client-ip=212.159.14.19; Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning fromaddress does not designate 212.159.14.19 as permitted sender) smtp.mailfrom=fromaddress
Do I need to add/change any other DNS records?
Mike
Re: SPF softfail
17-03-2019 5:18 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
That IP address is included in the madasafish.com's record you included. The likelihood is that you need to wait for Google's DNS cache to flush the old entry.
If you PM me your domain there is a way to force that flush, though it might have happened by now.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page