Its @funktionsstod.goteborg.seThe problem as said is the response of the
"exists:" macro gets dropped by the DNS Rebinding protection module for being a
private IP.IP is 23.90.102.86HELO is the PTR of 23.90.102.86
-------- Originalmeddelande --------Från: Jose Morales Velazquez via mailop
<[email protected]> Datum: 2025-06-19 00:47 (GMT+01:00) Till:
[email protected] Ämne: Re: [mailop] iphmx.com - who owns that server (SPF
fault) Hello,Question, what is the FROM: address? @iphmx.com or a different
sender which is using iphmx.com servers which shows on the EHLO/HELO or CONNECT
commands?SPF records are TXT records and should be only checked as TXT type
only, as other type will give different results.What is the IP address shown on
connect ? as SPF will check the connecting IP address against the SPF record of
the domain listed on the FROM address of the message.### Manual SPF check$
policyd-spf <<
EOFhelo_name=23.90.102.86.spf.hc2437-76.eu.iphmx.comclient_address=23.90.102.86sender=spf.test@iphmx.comEOFaction=550
5.7.23 Message rejected due to: SPF fail - not authorized. Please see
http://www.openspf.net/Why?s=mfrom;[email protected];ip=23.90.102.86;r=<UNKNOWN>###On
6/17/2025 4:10 AM, sebastian via mailop wrote:> Anyone that knows how to get
in touch with the admins on iphmx.com?>> Getting a lot of incoming SPF rejects
on iphmx.com (mail destined for > me, but rejected because sender SPF is
faulty) - who owns that server?>> The thing is that iphmx.com seems to be a
MaaS infrastructure who > tells clients to use exists: as SPF records.>> Like:
exists:%{i}.spf.hc2347-76.eu.ipmx.com>> One example:>>
23.90.102.86.spf.hc2437-76.eu.iphmx.com>> The problem is that these resolve to
a private IP (172.0.0.2) which > causes SPF failures due to DNS rebinding
protection. Returning private > IP adresses for external use is a big no-no.>>
Works well for DNSBLs because in those situations its easy to > configure a
exception for the DNSBL server. Not so easy to configure > an exception for all
SPFes.>> Recommended DNS configuration change:> Have the A record return its
own IP:>> 23.90.102.86.spf.hc2437-76.eu.iphmx.com IN A 23.90.102.86>>> Best
regards, Sebastian Nielsen, owner of sebbe.eu>>
_______________________________________________> mailop mailing list>
[email protected]> https://list.mailop.org/listinfo/mailop-- Sincerely,Jose
Morales-VelazquezPostmaster @ Rackspace
Emailhttps://www.rackspace.com_______________________________________________mailop
mailing [email protected]https://list.mailop.org/listinfo/mailop_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
