spf strings improperly set?

The strings do not include the server address. I don't know but I sent a test email from the following locations (didn't try on my mail client yet) and here were my results.

Please note the following configuration for my domain
congachaos.com DOES send mail (second option)
smf.congachaos.com DOES NOT send mail (first option)
cygwin.congachaos.com DOES NOT send mail (first option)

Via webmail.congachaos.com
Result: permerror

Via mutt or pine program in shell
Result: neutral

Huh. The second one is sending as if it is coming from shinji257@server. In mutt the server was compton.dreamhost.com and on pine it was spork.dreamhost.com. Neither has a spf record defined so the test came back neutral.

I used the email address check-auth@verifier.port25.com for testing and it responds with test results within a couple of minutes.

Also seeing some defects here, it would seem.

I'm using the default (DH servers) option, and when I test the record at DNSSTUFF.COM, they indicate:

Error: I could not get the SPF string [SPF not supported (the smarty.dreamhost.com TXT record does not exist, negative TTL=3328).].


Then, when I send a test message (from SquirrelMail) to a gmail account, gmail indicates in the header:

"Received-SPF: neutral (gmail.com: 66.33.201.157 is neither permitted nor denied by best guess record for domain"

66.33.201.157 is webmail2.sd.dreamhost.com

??

Just a note that the dns entries did disappear about a few hours after posting the message (never came back to say it) but i think this needs to be looked into some more. The part about the spf results anyways. The fact the entries were not being removed may of partially been due to the problems that were occuring with the dns server at the time.

Another datapoint -- For experimentation purposes, I enabled spf on two of my three domains. It was 12-18 hours (overnight) before the changes were made to my DNS records.

Also, I offer a couple of bugs --

1. When doing "Add a Custom SPF Record" >> ip4, the system doesn't accept entries in CIDR notation (e.g. nnn.nnn.nnn.0/23).

2. When canceling out after a failed attempt to add an ip4 netblock, the user is told that she has no domains, etc.

3. The tail end of the default string, "ip4:64.111" isn't valid for SPF, if I understand the specs correctly.

And, I offer a couple of nice-to-have features....

4. It would be nice if users could have the ability to choose whether an -all entry is placed at the end of their spf record.

5. I know this is a longshot, but it'd be cool if we could manually edit the TXT records created by this tool over in the DNS section.

I'll revise part of my earlier bug report. Is it my imagination, or are SPF records being truncated at 255 characters, making it difficult-to-impossible to add alternate locations to the DNS record.

If that's a limitation of the SPF/DNS specs, then you really need to pare down the dreamhost entries to a couple of netblocks.

In reply to:

---

We are unfortunately going to be disabling the SPF Beta test which was
previously available in the Mail section of our Web Panel. We are having
some trouble ironing out the kinks, and it is currently completely
non-functional anyways. Once we have everything working again we will
reenable it.

---

Hopefully they will get it working again soon.

digitalrundown.com
Promo Code: WJD97 - $97.00 off any new DreamHost plan (except month-month payments).

My string includes 10.3.*.* addresses, shouldn't they be removed? I use the default DreamHost settings.

I would also like to be able to set a trailing '-all'.

"v=spf1 ip4:64.111.110.9 ip4:64.111.110.24 ip4:64.111.110.25 ip4:64.111.110.26 ip4:205.196.222.20 ip4:64.111.110.27 ip4:205.196.222.23 ip4:66.33.205.9 ip4:10.3.41.81 ip4:10.3.41.82 include:smarty.dreamhost.com ip4:205.196.208.4 ip4:10.3.41.83 ip4:10.3.41.8"