Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Strange SPF errors (Kerio says it's malformed, but it is valid!)
  •  
pkirkovsky

Messages: 10
Karma: 0
Send a private message to this user
I keep seeing this error in the logs:

[12/Apr/2007 14:02:07] SPFChecker.cpp: Error when parsing SPF TXT record for domain: sigma-aldrich.com, envelope-from=mailuser<_a.t_>sigma-aldrich.com, message: Required option is missing near "" in "sial.com ~all"


The SPF record for sigma-aldrich.com is perfectly valid. Why is KMS complaining?
  •  
Anonymous
Karma:
The TXT record for sigma-aldrich.com is
"v=spf1 ip4:63.99.16.0/24 ip4:208.4.152.128/25 mx include sial.com ~all"

It's missing a ":" between "include" and "sial.com"

The correct TXT record should be
"v=spf1 ip4:63.99.16.0/24 ip4:208.4.152.128/25 mx include:sial.com ~all"
You can find more information about the formating here http://www.openspf.org/SPF_Record_Syntax#include
  •  
pamf

Messages: 10
Karma: 0
Send a private message to this user
My kerio mailserver also send me the following message:

"Parse error in Caller-ID record for domain atclave.es: invalid text element"

Nslookup command return:

"spf1 mx ptr"

Where it is the error?

Thank You!!!

Pedro A.
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
pamf wrote on Sun, 15 April 2007 00:22

My kerio mailserver also send me the following message:

"Parse error in Caller-ID record for domain atclave.es: invalid text element"

Nslookup command return:

"spf1 mx ptr"

Where it is the error?

Thank You!!!

Pedro A.


Caller-ID records are stored in subdomain with prefix ep_. (which is ep_.atclave.es). Since the ep_ subdomain is an alias to primary domain, there is only one TXT record which is not in Caller-ID format but in SPF.
  •  
pamf

Messages: 10
Karma: 0
Send a private message to this user
Hello:


Sorry, it but I do not understand!

My logfile says:

[08/May/2007 20:42:59][1512] {dns} CNAME record: name=_ep.atclave.es cname=atclave.es
[08/May/2007 20:42:59][1512] {dns} TXT record: v=spf1 mx ptr
[08/May/2007 20:42:59][1512] {smtps} Retrieval finished, success=no
[08/May/2007 20:42:59][1512] {smtps} 587 bytes received in command DATA
[08/May/2007 20:42:59][1512] {smtps} Message accepted for delivery
[08/May/2007 20:42:59][1512] {smtps} Command QUIT
[08/May/2007 20:42:59][1512] {smtps} SMTP server session end

Thank You!!!

Pedro A.
  •  
sedell

Messages: 1168
Karma: 1
Send a private message to this user
The point is, Caller-ID records are stored in a record named _ep.atclave.es, not SPF records. The result you're getting is an SPF record. Whomever maintains atclave.es DNS put the wrong record there.

Scott
  •  
pamf

Messages: 10
Karma: 0
Send a private message to this user
Hello:


I follow without understanding it!


I give more some data...

The domain is lodged in wwww.cdmon.com.
In the Control Panel of the domain i have created the following records:

atclave.es 80.37.140.166 redir IP
TXT v=spf1 mx ip4:80.37.140.166 ~all
MX atclave.es Pref: 10
CNAME = _ep.atclave.es -> atclave.es
TXT <ep xmlns='http://ms.net/1'><out><m><mx/></m></out></ep>

Of this one form it must have implemented the two technologies SPF and Caller-ID)?

Greetings,

  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
There is only one TXT record for domain _ep.atclave.es and it is not a Caller-ID but SPF.
Called-ID record is missing. Your DNS server is not probably configured correctly.

This is what I get from DNS:

Quote:

pavelsmac:~ pdobry$ nslookup
> set type=TXT
> _ep.atclave.es
Server: 172.16.0.1
Address: 172.16.0.1#53

Non-authoritative answer:
_ep.atclave.es canonical name = atclave.es.
atclave.es text = "v=spf1 mx ip4:80.37.140.166 ~all"

Authoritative answers can be found from:
atclave.es nameserver = NS3.CDMON.NET.
atclave.es nameserver = NS1.CDMON.NET.
atclave.es nameserver = NS2.CDMON.NET.
NS1.CDMON.NET internet address = 86.109.99.129
NS2.CDMON.NET internet address = 86.109.98.129
NS3.CDMON.NET internet address = 213.186.58.203
>
  •  
pamf

Messages: 10
Karma: 0
Send a private message to this user
Hello:

In the attached image the Control Panel of the domain can be seen.

  • Attachment: CDMON.jpg
    (Size: 147.71KB, Downloaded 828 times)
Previous Topic: Kerio MailServer 6.4.0 RC1 released
Next Topic: Cannot open work file/open folder/create folder
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Nov 20 12:27:37 CET 2017

Total time taken to generate the page: 0.00488 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.