Opened on 05/11/2015 at 11:06:57 AM
Closed on 09/18/2015 at 07:10:01 AM
#2489 closed defect (fixed)
Limit number of DNS queries for SPF
| Reported by: | matze | Assignee: | matze |
|---|---|---|---|
| Priority: | P2 | Milestone: | |
| Module: | Infrastructure | Keywords: | |
| Cc: | fred | Blocked By: | |
| Blocking: | Platform: | Unknown | |
| Ready: | yes | Confidential: | no |
| Tester: | Unknown | Verified working: | no |
| Review URL(s): | |||
Description
The TXT records for SPF must not require more than 10 DNS lookups during validation. Otherwise strict implementations trigger a permerror when they reach that threshold but haven't found a match yet:
Authentication-Results: mx.aol.com; spf=permerror (aol.com: while processing the SPF record for adblockplus.org we encountered a fatal error.)
See also issue #2331.
Attachments (0)
Change History (3)
comment:1 Changed on 05/11/2015 at 11:10:03 AM by matze
comment:2 Changed on 09/08/2015 at 01:56:08 AM by matze
- Tester set to Unknown
The temporary fix has been declared permanent until we have setup our own mail relay server (see #277). In the context of #2965, the records have been cleaned up and updated.
Last edited on 09/08/2015 at 01:57:55 AM
by matze
comment:3 Changed on 09/18/2015 at 07:10:01 AM by matze
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
A temporary fix (skipping the filter-servers) has been applied last week. We still need to find a permanent solution. (Note that the four lookups required implicitly for Google-Mail limit our threshold significantly!)