I am trying to setup a very basic SPF record. I am hosting my website on Godaddy and using Godaddy's email servers. I am using the php mail() call (I know, I've read a ton of places to use PHP Mailer, or others, but I am choosing to the default mail() function and thats not really my question). Right now the spf record in the email is coming back as
neutral with the following lines:
Delivered-To: email@example.com Received: by 10.52.171.166 with SMTP id av6csp133324vdc; Tue, 16 Jul 2013 07:43:23 -0700 (PDT) X-Received: by 10.49.104.180 with SMTP id gf20mr2338989qeb.59.1373985802775; Tue, 16 Jul 2013 07:43:22 -0700 (PDT) Return-Path: <firstname.lastname@example.org> Received: from p3nlsmtp14.shr.prod.phx3.secureserver.net (p3nlsmtp14.shr.prod.phx3.secureserver.net. [126.96.36.199]) by mx.google.com with ESMTP id d19si710455qey.143.2013.07.16.07.43.22 for <email@example.com>; Tue, 16 Jul 2013 07:43:22 -0700 (PDT) Received-SPF: neutral (google.com: 188.8.131.52 is neither permitted nor denied by best guess record for domain of firstname.lastname@example.org) client-ip=184.108.40.206; Authentication-Results: mx.google.com; spf=neutral (google.com: 220.127.116.11 is neither permitted nor denied by best guess record for domain of email@example.com) firstname.lastname@example.org Received: from P3NW8SHG339 ([18.104.22.168]) by p3nlsmtp14.shr.prod.phx3.secureserver.net with id 12jN1m0080x5yNo012jNyX; Tue, 16 Jul 2013 07:43:22 -0700 Date: Tue, 16 Jul 2013 07:43:21 -0700 Subject: Little Jaws Big Smiles Registration Confirmation X-PHP-Originating-Id:  To: "Person" <email@example.com> From: "Little Jaws Big Smiles" <firstname.lastname@example.org> Reply-To: "Little Jaws Big Smiles" <email@example.com> Return-Path: "Little Jaws Big Smiles" <firstname.lastname@example.org> Message-ID: <51e55c0a.f351310a.61d2.ffffe3a0SMTPIN_ADDED_BROKEN@mx.google.com> X-Mailer: PHP/5.2.17 MIME-Version: 1.0 Content-type: text/html; charset=ISO-8859-1 Organization: Little Jaws Big Smiles
22.214.171.124 corresponds to
p3nlsmtp14.shr.prod.phx3.secureserver.net, which I'm guessing is the mail server actually sending my email.
v=spf1 a mx ptr ip4:126.96.36.199 -all
However this still results in a neutral SPF result. I have waited 48 hours for the record to take action. I have also read the
SPF Syntax and I think I've set it up appropriately (but I've never done this before, so I could be completely misunderstanding this)
I have also tried kitterman's validation script with the following result:
Found v=spf1 record for littlejawsbigsmiles.com: v=spf1 a mx ptr ip4:188.8.131.52 -all evaluating... SPF record passed validation test with pySPF (Python SPF library)!
Does anyone see a problem with my record definition or if I am missing anything else?
I am attempting to send mail from email@example.com
Let me know if I need to provide any other information.
Update Per @TheCleaner's request, I followed the instructions on Godaddys site to creating the SPF record. Below are the steps and options I choose with why I selected them.
Under To Add an SPF Record
GoDaddy.com, LLC only
All Inbound Servers May Send Mail
184.108.40.206/24since this appears to be the mail servers Godaddy uses to send out emails
Exclude all hosts not specified herewhich adds
The result SPF record is below. I will try this and post back if this fixes my issues. Please let me know if my assumptions about my steps above are incorrect.
v=spf1 mx include:220.127.116.11/24 -all
So I finally tracked down the issue (godaddy techincal support said they couldnt help with "scirpting" problems). Turns out that they do have an issue with the SPF records:
Apparently when you setup a new hosting account, the default
C:\php5\php.ini file for windows hosts sets the
firstname.lastname@example.org, which was the actual sending address of the emails I sent using php's mail() function. I changed this to
email@example.com and got a little closer to resolving my issue.
Now to the second issue I was having that was causing the SPF to still fail. It turns out that creating an SPF record with Godaddys default
include:spf.secureserver.net contains too many lookups. You can verify this by using this SPF Parser and enter in
spf.secureserver.net. You will see there are a lot more then the maximum 10 lookups.
Using Kitterman's validation script, if you enter in
spf.secureserver.net, you can see that it shows error
PermError SPF Permanent Error: Too many DNS lookups. This is a problem that Godaddy needs to resolve globally (not just for my site). The issue is documented on their site. I did receive a response from them indicating its not their problem:
Also although we provide the ability to create SPF records, the management and setup responsibility are solely the customers responsibility.
I was able to work around this by checking my email headers and finding which server(s) were sending it out (appeared to be range
18.104.22.168-245). Using the SPF Parser I linked above, I was able to determine my site appears to be using
spf102.secureserver.net. I'm not sure if this will change for my site and Godaddy has yet to tell me the answer. I changed my SPF record to include
spf102.secureserver.net, which does not have the issue of
Too many DNS lookups, but it might be an issue if emails could be changed and sent out of say
Final working record will be based on the servers that are used for sending out emails, but it should look something like this if you are hosted on and using Godaddys servers:
v=spf1 mx include:spf102.secureserver.net -all
With these two updates I was able to send mail to google and hotmail email accounts and they not longer go to spam/junk folders (yey!)
Thanks to @MadHatter, @gparent and @TheCleaner for their support in tracking this down.
External links referenced by this document: