Jim Miller asked:
I’m having problems with Google rejecting mail because of SPF problems. I thought I had this fixed, but evidently not…
The mail is being sent from a Drupal site running mimemail. A message that shows the problem looks like:
Delivered-To: email@example.com Received: by 10.112.47.229 with SMTP id g5csp300564lbn; Wed, 2 Apr 2014 10:21:06 -0700 (PDT) X-Received: by 10.66.249.233 with SMTP id yx9mr1407538pac.3.1396459264202; Wed, 02 Apr 2014 10:21:04 -0700 (PDT) Return-Path: <firstname.lastname@example.org> Received: from sender.com (sender.com. [xxx.xxx.xxx.xxx]) by mx.google.com with ESMTP id m8si1612133pbd.503.2014.04.02.10.21.03 for <email@example.com>; Wed, 02 Apr 2014 10:21:04 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning firstname.lastname@example.org does not designate xxx.xxx.xxx.xxx as permitted sender) client-ip=xxx.xxx.xxx.xxx; Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning email@example.com does not designate xxx.xxx.xxx.xxx as permitted sender) firstname.lastname@example.org Received: by sender.com (Postfix, from userid 48) id 3E486101774; Wed, 2 Apr 2014 17:21:02 +0000 (UTC) To: "reg" <email@example.com> Subject: Message Subject here X-PHP-Originating-Script: 501:mimemail.module MIME-Version:1.0 Content-Type:multipart/mixed; boundary="ca08a4eb4d5f903d3ee41d8632611e3ff9f7e67713" Content-Transfer-Encoding:8Bit X-Mailer:Drupal Sender:Sender <firstname.lastname@example.org> From:Sender <email@example.com> Message-Id: <20140402172102.3E486101774@sender.com> Date: Wed, 2 Apr 2014 17:21:02 +0000 (UTC) This is a multi-part message in MIME format. --ca08a4eb4d5f903d3ee41d8632611e3ff9f7e67713 Content-Type:multipart/alternative; boundary="2db314e2a942d712c21894936b800a2c7998463d12" Content-Transfer-Encoding:8bit --2db314e2a942d712c21894936b800a2c7998463d12 Content-Type:text/plain; charset=utf-8 Content-Disposition:inline Content-Transfer-Encoding:8bit Message text goes here... --2db314e2a942d712c21894936b800a2c7998463d12 Content-Type:text/html; charset=utf-8 Content-Disposition:inline Content-Transfer-Encoding:8Bit <html> <html text goes here> </html> --2db314e2a942d712c21894936b800a2c7998463d12-- --ca08a4eb4d5f903d3ee41d8632611e3ff9f7e67713--
[Apologies for the anonomyzing.]
The SPF records for the domain, obtained from http://www.whatsmyip.us/txt, look like:
v=spf1 ip4:xxx.xxx.xxx.xxx ~all , ttl : 14144 v=spf1 include:_spf.google.com ~all , ttl : 14144 v=spf1 a -all , ttl : 14144 v=spf1 ip4:xxx.xxx.xxx.yyy ~all , ttl : 14144
I can’t figure out what’s wrong — the appropriate SPF records seem to be in place. The only issue I can see is that I have indeed set up (or tried to set up) two servers as legal senders for the domain; this is meant to cover both a production and a development server (let’s call them sender.com and dev.sender.com). Is this an issue?
Any thoughts about what’s wrong? Again, I thought this was once working correctly, but it’s definitely not now. Thanks!
You can only have one SPF record. Since you created four of them, which one actually gets used is essentially random. You should combine them together into a single record.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.