[dmarc-discuss] SPF failed?

Maarten Oelering maarten at postmastery.net
Mon Jun 11 02:18:48 PDT 2012


Your envelope sender (SPF) domain needs to end with 888poker.com to be aligned and validate in DMARC context.

See also the SPF examples in section B.1.1 of draft-dmarc-base-00-02.txt.

Maarten

On 11 jun. 2012, at 11:09, Or Weinberger wrote:

> Hi Michiel,
>  
> What do you mean it's not a part of bounce.cassavaengage.mkt3390.com
>  
> This is the current SPF record of bounce.cassavaengage.mkt3390.com:
>  
> "v=spf1 ip4:208.85.53.123 ip4:74.112.66.8 ip4:74.112.67.107 ip4:74.112.67.108 ip4:74.112.67.109 ip4:74.112.67.114 ip4:74.112.67.72 ip4:74.112.67.73 ip4:74.112.67.84 ip4:74.112.67.85 ip4:74.112.65.178 -all"
>  
> It contains all of our sending IPs, including 74.112.67.107 as mentioned below
>  
>  
> From: Maarten Oelering [mailto:maarten at postmastery.net] 
> Sent: Monday, June 11, 2012 12:07 PM
> To: dmarc-discuss at dmarc.org
> Cc: Or Weinberger
> Subject: Re: [dmarc-discuss] SPF failed?
>  
> Hi Or,
>  
> SPF alone, as checked on the envelope sender (return-path) validates. But DMARC requires that the envelope sender domain is aligned with the From: header domain. This is to prevent spoofing of the envelope sender.
>  
> Maarten Oelering
> Postmastery
>  
> On 11 jun. 2012, at 10:55, Or Weinberger wrote:
> 
> 
> Hey everyone,
>  
> Trying to figure out why I'm seeing an SPF fail in the dmarc report:
>  
>   <record>           
>     <row>              
>       <source_ip>74.112.67.107</source_ip>          
>       <count>1327</count>             
>       <policy_evaluated> 
>         <disposition>none</disposition>   
>         <dkim>pass</dkim>              
>         <spf>fail</spf>        
>       </policy_evaluated>               
>     </row>            
>     <identifiers> 
>       <header_from>email.888poker.com</header_from>              
>     </identifiers>               
>     <auth_results>             
>       <dkim>          
>         <domain>email.888poker.com</domain>  
>         <result>pass</result>           
>       </dkim>        
>       <spf>              
>         <domain>bounce.cassavaengage.mkt3390.com</domain> 
>         <result>pass</result>           
>       </spf>            
>     </auth_results>           
>   </record>         
>  
> As you can see, under the <policy_evaluated> I'm getting <spf>fail</spf> but under the <auth_results> the spf seems to pass.
>  
> Thanks,
>  
> Or Weinberger
> Email Marketing Specialist 
>  
> Medinat Hayehudim 85A
> Herzliya Pituach, Israel
> t:   +972 (732) 888-695
> e:  or.weinberger at 888holdings.com
>  
> <image001.gif>
>  
> _______________________________________________
> dmarc-discuss mailing list
> dmarc-discuss at dmarc.org
> http://www.dmarc.org/mailman/listinfo/dmarc-discuss
> NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://medusa.blackops.org/pipermail/dmarc-discuss/attachments/20120611/13674783/attachment-0001.htm>


More information about the dmarc-discuss mailing list