When trying to test the SPF using mxtoolbox, whatsmydns and mail-tester, SPF pass - its always there. But when we are trying from our mail zimbra to send email (check below)
Authentication-Results: atlas315.free.mail.bf1.yahoo.com;
dkim=pass header.i=@domain.com header.s=6D4A0968-F95A-11EA-BF6A-9135B77D1B1F;
spf=fail smtp.mailfrom=domain.com;
dmarc=unknown header.from=domain.com;
Actually we have mx record, dkim and dmarc. Sometimes dmarc and dkim are both present in authentication or sometimes just one of them only (like one above, only the dkim pass). Our DNS connection right now is not so stable. But all of the test that we made only the SPF always fail.
Hope someone can enlighten me whats seems to be the problem. Thanks.
SPF Problem
Re: SPF Problem
What, exacly, does that mean? Where is your DNS hosted? The obfuscated information you've posted doesn't give anyone the ability to verify your DNS records to confirm what you're saying.bryllej8 wrote:Our DNS connection right now is not so stable.
Re: SPF Problem
Our zimbra server is hosted by AWS and our DNS Server is in our office, it is separated. Due to slow internet connection sometimes our DNS have high ping or request timed out. Is this make sense sir pheonix ?
phoenix wrote:What, exacly, does that mean? Where is your DNS hosted? The obfuscated information you've posted doesn't give anyone the ability to verify your DNS records to confirm what you're saying.bryllej8 wrote:Our DNS connection right now is not so stable.
Re: SPF Problem
Partly, does that mean your ZCS server is on a public or private IP address?bryllej8 wrote:Our zimbra server is hosted by AWS and our DNS Server is in our office, it is separated. Due to slow internet connection sometimes our DNS have high ping or request timed out. Is this make sense sir phoenix ?
Re: SPF Problem
Public ip address sir phoenix. Sorry for the late reply, just got back to the office. Please look at the results of SPF checking using this link https://vamsoft.com/support/tools/spf-policy-tester. I didn't get any SPF Fail but on the email raw message its always spf=fail hmmmm.
Zimbra 8.8.15 version
Zimbra 8.8.15 version
phoenix wrote:Partly, does that mean your ZCS server is on a public or private IP address?bryllej8 wrote:Our zimbra server is hosted by AWS and our DNS Server is in our office, it is separated. Due to slow internet connection sometimes our DNS have high ping or request timed out. Is this make sense sir phoenix ?
Re: SPF Problem
That's a pretty poor idea to host your own DNS records on an unpredictable internet connection, you really should host them on a decent DNS hosting provider such as EasyDNS here: https://easydns.com/ Disclaimer, I use them as my hosting provider and they provide an excellent service but there are also free services available if you'd care to search the internet.
Re: SPF Problem
Read carefully what Phoenix has said. He's steering you in the right direction.
For a DNS record to work all over the Internet, the SPF and DKIM records must be inserted in your *authoritative* server. This is just a guess, but it sounds to me like the records have been entered into your local DNS server, but are *not* being mirrored through all DNS servers on the Internet. You say that your DNS is "flaky" ... you need to "un-flake" it.
For a DNS record to work all over the Internet, the SPF and DKIM records must be inserted in your *authoritative* server. This is just a guess, but it sounds to me like the records have been entered into your local DNS server, but are *not* being mirrored through all DNS servers on the Internet. You say that your DNS is "flaky" ... you need to "un-flake" it.
Re: SPF Problem
Thank you so much sir spoole and sir phoenix. Will try to discuss this with our server admin.