1

I'm troubleshooting Google Apps marking valid messages as spam. In the message header:

Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of user@subdomain.domain.com designates xxx.xxx.xxx.xxx as permitted sender)

How is Google verifying this? There is no txt record at subdomain.domain.com, and none at domain.com.

Thanks.

Dom
  • 741
  • 1
  • 8
  • 19

1 Answers1

1

That's an SPF (Sender Policy Framework) check.

Follow the link for some more details care of Wikipedia, but it's actually verifying that the mailserver is an authorized mailserver for the domain, not the user. Read the message a bit more carefully:

best guess record for domain of user@subdomain.domain.com designates xxx.xxx.xxx.xxx as permitted sender

The IP address (which would correspond to the mailserver) is the permitted sender, not the user, and this is based on the user's domain, not the user.

HopelessN00b
  • 53,795
  • 33
  • 135
  • 209
  • I'm aware of how SPF works, but what domain is it doing the TXT lookup on? How is it coming up with this domain? I've just noticed the (real) domain is in the MessageID but this appears to be it's only location throughout the entire e-mail header. – Dom Dec 29 '12 at 03:34
  • @Dom read on down the Wikipedia page. TXT records are one (older) way, but SPF can use TXT records or SPF records. – HopelessN00b Dec 29 '12 at 03:40
  • I have yet to find a cPanel account that lets me specify SPF records, either way, there are no TXT or SPF records at either subdomain.domain.com or domain.com. What rules are they using to figure out the real original domain (it exists only once in the header, in the message ID) or how else are they validating SPF on this e-mail? – Dom Dec 29 '12 at 03:52
  • @Dom Where is cPanel coming from? Clearly, your question is missing big swathes of detail you need to go back and add. – HopelessN00b Dec 29 '12 at 03:57
  • The question covers exactly what I'm looking for. In most cases, Google Apps says "google.com: best guess record for domain of email@address.com designates xxx.xxx.xxx.xxx as permitted sender". Look up the SPF of address.com and make sure it's correct. In this case, there is no SPF for the @address.com. – Dom Dec 29 '12 at 04:43
  • 1
    You know if you told us your actual domain name, we could actually perform the DNS lookups, and verify your setup was valid. – Zoredache Dec 29 '12 at 12:09