Hi, I am the upstream author of Mail::SPF. Two things first: 1. The policyd timeout is indeed a postfix-policyd-spf-perl issue. Maybe I can add an option to Mail::SPF that allows a shorter timeout period (than the Net::DNS default) to be specified. 2. The SERVFAIL DNS status code (RCODE 2) does NOT mean "unsupported operation". According to RFC 1035, it means "The name server was unable to process this query due to a problem with the name server". There is another status code, "Not Implemented" (RCODE 4), that means "The name server does not support the requested kind of query". Please do not conflate the two. Thus, interpreting SERVFAIL as "not found" is inappropriate because it could just as well mean "out of memory" or "out of database connections, try again later".
Now on to the Mail::SPF issue. If you look at <http://spf.pastebin.com/f3b588a5a>, the name servers responsible for smtp03.hkpc.org really seem to have a much bigger problem than not supporting the SPF RR type. Based on this, the TempError returned by Mail::SPF appears to me as being absolutely justified, regardless of Mail::SPF's handling of the SPF RR type. However, concerning the handling of the SPF RR type, understand that while Mail::SPF queries for both the SPF and TXT RR types (in this order), only the SPF-type lookup failing isn't enough for TempError to be returned. If the SPF-type lookup fails but the (following) TXT-type lookup succeeds, Mail::SPF silently uses the TXT response to calculate an SPF result. Only if /both/ the SPF- and TXT-type lookups fail does it return an error (based on the result of the SPF-type lookup, which was the first performed). -- SPF rejects mail on unsupported SPF RR type https://bugs.launchpad.net/bugs/161133 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs