EmailDiscussions.com  

Go Back   EmailDiscussions.com > Discussions about Email Services > Email Help Needed!
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

Email Help Needed! Having problems with your email service, or with the email software you're using? Post your questions and answers here!

Reply
 
Thread Tools
Old 22 Mar 2023, 09:47 PM   #16
DougLass
Member
 
Join Date: May 2014
Posts: 56
Hmmm. That's interesting. I don't know how I ended up with those two SPFs, though functionally they should be equivalent. I'll try replacing both with
v=spf1 +mx +a +ip4:108.167.133.30 +ip4:xxx.x.xxx.xxx +include:sendersrv.com -all
and see if that helps.

Last edited by DougLass : 22 Mar 2023 at 09:57 PM.
DougLass is offline   Reply With Quote
Old 22 Mar 2023, 10:37 PM   #17
DougLass
Member
 
Join Date: May 2014
Posts: 56
Geez Louise, I accidentally did -all instead of ~all in my SPFs, and mxtoolbox gave me a hard fail on that SPF. So I changed it back to ~all. Soft fails are better than hard fails, I guess! What's the difference between -all and ~all?
DougLass is offline   Reply With Quote
Old 22 Mar 2023, 10:39 PM   #18
Bamb0
Master of the @
 
Join Date: Feb 2005
Location: USA
Posts: 1,977
I tried to email someonme @ logical.net this morning and it was rejected
Bamb0 is offline   Reply With Quote
Old 22 Mar 2023, 10:40 PM   #19
TenFour
Master of the @
 
Join Date: Feb 2017
Location: USA
Posts: 1,840
Quote:
Should I use ~all or -all?
When an SPF record includes ~all (softfail qualifier), receiving servers typically accept messages from senders that aren't in your SPF record, but mark them as suspicious.

When an SPF record includes -all (fail qualifier), receiving servers may reject messages from senders that aren't in your SPF record. If your SPF record isn’t set up correctly, the fail qualifier might cause more messages from your domain to be sent to spam.

Tip: To prevent spoofing of domains that don’t send email, use this as the SPF record for the domain: vspf1 ~all
https://support.google.com/a/answer/...topic=10685331
TenFour is offline   Reply With Quote
Old 25 Mar 2023, 08:41 PM   #20
DougLass
Member
 
Join Date: May 2014
Posts: 56
Quote:
Originally Posted by TenFour View Post
I appreciate that. The distinction between "soft-fail" and"fail" was never that clear to me.

Now, here's something screwball. Out of the blue, I get e-mails from Comcast DMARC Report Generator <dmarc-support@alerts.comcast.net> addressed to the e-mail account that is being rejected by many, and that we're referring to here. It includes a zipped xml file that reports (actual IP number redacted)

<row>
<source_ip>xxx.x.xxx.xxx</source_ip>
<count>3</count>
<policy_evaluated>
<disposition>none</disposition>
<dkim>pass</dkim>
<spf>fail</spf>
</policy_evaluated>
</row>

Huh? This seems to be saying that my SPF fails, but both my listserve provider (Sender) and my domain manager (Hostgator) says my SPF is just fine. What is the Comcast DMARC Report Generator, and why is it sending me what seems to be faulty info? Who asked it to send me anything? Oh, the e-mail also says "If you have any questions or concerns about the DMARC report, please reply to this message." I have done so (as of a few days ago), and have not gotten anything back.
DougLass is offline   Reply With Quote
Old 25 Mar 2023, 10:15 PM   #21
Avion
Senior Member
 
Join Date: Sep 2022
Posts: 134
Someone (either you or someone else pretending to be you by using your domain e-mail address) has sent an e-mail to someone else that's using the Comcast e-mail server.

So, Comcast have sent you the DMARC report, presumably an e-mail with a ZIP file attached?

Go to the DMARC XML to Human Converter and upload that ZIP file, then 'View Report'.

Expand all the report, to read the complete report.

That may better explain what's happening.
Avion is offline   Reply With Quote
Old 25 Mar 2023, 10:49 PM   #22
DougLass
Member
 
Join Date: May 2014
Posts: 56
Sorry, but that's nuts. Comcast wants a private concern to verify the problems that it found? I have to log into dmarcian.com, and get set up with a new DMARC record that *specifically* includes dmarcian.com? My DMARC error is that my record doesn't include dmarcian.com? Just nuts.
DougLass is offline   Reply With Quote
Old 25 Mar 2023, 10:54 PM   #23
Avion
Senior Member
 
Join Date: Sep 2022
Posts: 134
The DMARC converter is just a tool to help you understand the reports better.

If you don't want to use it, you don't have to . . .
Avion is offline   Reply With Quote
Old 26 Mar 2023, 02:08 AM   #24
DougLass
Member
 
Join Date: May 2014
Posts: 56
Quote:
Originally Posted by Avion View Post
The DMARC converter is just a tool to help you understand the reports better.

If you don't want to use it, you don't have to . . .
It wants me to log in, and wants my credit card as well. No thanks. Actually, if you go straight to the site, instead to their DMARC inspector - https://us.dmarcian.com/dmarc-inspector/, it does a free assay on your DMARC, and it found mine to be bad. I complained to Hostgator, and they fixed it. dmarcian.com now likes it.

Now, I don't really understand, though. DMARC is supposed to pertain IF your SPF is wrong. But mine is right. So, in principle, my bad DMARC shouldn't have been relevant. Nevertheless, I suppose I could get blacklisted for not having a good DMARC.

Last edited by DougLass : 26 Mar 2023 at 11:30 AM.
DougLass is offline   Reply With Quote
Old 26 Mar 2023, 09:51 AM   #25
Bamb0
Master of the @
 
Join Date: Feb 2005
Location: USA
Posts: 1,977
I dont blame ya for not entering it!!!!!!!
Bamb0 is offline   Reply With Quote
Old 26 Mar 2023, 04:07 PM   #26
Avion
Senior Member
 
Join Date: Sep 2022
Posts: 134
Quote:
Originally Posted by DougLass View Post
It wants me to log in, and wants my credit card as well.
I've never had to create a Dmarcian account to use their DMARC converter, and I've never given them any credit card details. I have the link, that I've previously quoted, as a bookmark, and I use it regularly.
Avion is offline   Reply With Quote
Old 26 Mar 2023, 09:02 PM   #27
DougLass
Member
 
Join Date: May 2014
Posts: 56
Quote:
Originally Posted by Avion View Post
I've never had to create a Dmarcian account to use their DMARC converter, and I've never given them any credit card details. I have the link, that I've previously quoted, as a bookmark, and I use it regularly.
I tried it again, and I admit that I may have got tangled up in their for-profit service earlier. But it doesn't matter. The xml report from the Comcast DMARC Report Generator uploads to Dmarcian with an "Invalid XML File" error. For what it's worth, that xml file strangely can't be opened in a modern browser, because it doesn't have any style information associated with it. Somewhat of a defective file, I guess. Laughably, the file is delivered zipped, which is kinda dumb, considering that it is an 8Kb file! But hey, save space! So while the DMARC converter in Dmarcian doesn't work for me, their DMARC inspector does work. Not clear where Comcast is coming from here. Aside from its defectiveness, I guess it's possible that the Comcast DMARC Report Generator seemed to have a result that "failed" my SPF because my DMARC was crapified. One would like to believe that once the revised DMARC is propagated, the next DMARC report will be more positive.

Last edited by DougLass : 27 Mar 2023 at 04:50 AM.
DougLass is offline   Reply With Quote
Old 27 Mar 2023, 04:41 AM   #28
SideshowBob
Essential Contributor
 
Join Date: Jan 2017
Posts: 303
The obvious reason why SPF might fail is that you are sending to an address that is forwarded to an address at comcast.
SideshowBob is online now   Reply With Quote
Old 27 Mar 2023, 04:48 AM   #29
DougLass
Member
 
Join Date: May 2014
Posts: 56
Quote:
Originally Posted by SideshowBob View Post
The obvious reason why SPF might fail is that you are sending to an address that is forwarded to an address at comcast.
Um, some of my recipients have Comcast e-mails, which is why I might be getting this message from Comcast, but no, that doesn't have anything to do with an SPF failure. SPF is about authorization, and sending to Comcast doesn't invalidate anyone's authorization records.
DougLass is offline   Reply With Quote
Old 27 Mar 2023, 09:39 PM   #30
DougLass
Member
 
Join Date: May 2014
Posts: 56
Wow, now I'm getting these same (zipped, browser unreadable XML) reports from noreply-dmarc-support@google.com. They seem to say the same thing as the ones from Comcast, that my SPF is bad. But my gmail recipients have no trouble getting these e-mails. As I said, both my e-mail host and my domain host swear that my SPF is fine. Weirder and weirder.
DougLass is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 10:52 PM.

 

Copyright EmailDiscussions.com 1998-2022. All Rights Reserved. Privacy Policy