[opendmarc-users] OpenDMARC 1.3 and self SPF Check
Urban Loesch
bind at enas.net
Tue Aug 12 08:57:25 PDT 2014
Am 12.08.2014 15:07, schrieb Urban Loesch:
>
> Hi
>
> Am 12.08.2014 14:19, schrieb A. Schulze:
>>
>> Urban Loesch:
>>
>>> But this doesn't seem to work. If I set both options to "true" there will no DNS query be made for checking the SPF TXT records.
>>>
>>> Could this be a bug or do I miss something?
>> it's possible that the implementation isn't perfect for now.
>>
>> I run opendmarc in the same configuration and get mostly good results.
>> OK, I did not check which DNS queries opendmarc trigger when checking SPF
>> but for me it work. There are some issues on IPv6 ( http://sf.net/p/opendmarc/tickets/95/ )
>>
>> Andreas
>
> I disabled ipv6. But no solution. Always the same problem.
> I did more debugging and activated my querylog on my resolver and I made a tcpdump.
>
> I see only the queries for the "_dmarc.domain.com" records.
> Not for the spf records...
>
> If you say it works for you, may be it's a problem with libspf2 in Debian.
>
> The two of you have different configurations. He's using the internal SPF code, not libspf2.
>
> Libspf2 itself works, so it's either a configuration issue or something in the integration code.
>
> Scott K
But, how can I check which code is used? libspf2 or the internal one?
Are the some debugging option in opendmarc not documented? I can't find something
and the verbos output is not very informational.
My config doesn't look very complicated:
-- Begin --
HistoryFile /var/tmp/dmarc.dat
RejectFailures true
SoftwareHeader true
Syslog true
UMask 0111
Socket inet:8892
SPFSelfValidate true
SPFIgnoreResults true
-- End --
As I just said. With this options opemdmarc does not made any spf related dns query to my resolver.
Many thanks
Urban
More information about the opendmarc-users
mailing list