Strange SPF issues

Hi, I am strugling with this strange SPF authentication issues.
I have a customer who sends comfirmation email from web server.
The domains SPF record is properly set, allowing emails from 12.143.125.247.
But when I test, I get “spf=none” at recieving side, causing DMARC error.
Mail-from domain is same as header from domain. I can’t figure out why this SPF authentication fails. Any comments will be appreciated!

makenoise.co.jp domain SPF record is following;

v=spf1 ip4:21.23.99.25 ip4:12.143.125.247 include:spf.protection.outlook.com include:20713928.spf07.hubspotemail.net ~all

Here is Authentication-results and SPF results from recieved email header.

Authentication-Results: 115x166x152x187.svshost.com;
dmarc=fail (p=NONE sp=NONE) smtp.from=www.makenoise.co.jp header.from=makenoise.co.jp;
spf=none (sender IP is 12.143.125.247) smtp.mailfrom=admin@www.makenoise.co.jp smtp.helo=www.makenoise.co.jp
Received-SPF: none (115x166x152x187.svshost.com: no valid SPF record)

Welcome to the dmarcian forum.

That domain is not registered, so whatever SPF you think you have, does not exist.

% whois makenoise.co.jp
[ JPRS database provides information on network administration.
 Its use is    ]
[ restricted to network administration purposes. For further in
formation,     ]
[ use 'whois -h whois.jprs.jp help'. To suppress Japanese outpu
t, add'/e'     ]
[ at the end of command, e.g. 'whois -h whois.jprs.jp xxx/e'.
               ]
No match!!

With JPRS WHOIS, you can query the following domain name inform
ation
sponsored by JPRS.
    - All of registered JP domain name
    - gTLD domain name of which sponsoring registrar is JPRS
Detail: https://jprs.jp/about/dom-search/jprs-whois/ (only in J
apanese)

For IP address information, please refer to the following WHOIS
 servers:
    - JPNIC WHOIS (whois.nic.ad.jp)
    - APNIC WHOIS (whois.apnic.net)
    - ARIN WHOIS (whois.arin.net)
    - RIPE WHOIS (whois.ripe.net)
    - LACNIC WHOIS (whois.lacnic.net)
    - AfriNIC WHOIS (whois.afrinic.net)

Thanks for checking!
I masked the domain name for recurity reason.
The real domain is makinoseiki.co.jp.

web server ip is www.makinoseiki.co.jp, ip is 143.125.247.12.

SFP record.

v=spf1 ip4:210.230.199.225 ip4:143.125.247.12 include:spf.protection.outlook.com include:20713928.spf07.hubspotemail.net ~all

Received email header.

Authentication-Results: 115x166x152x187.svshost.com;
dmarc=fail (p=NONE sp=NONE) smtp.from=www.makinoseiki.co.jp header.from=makinoseiki.co.jp;
spf=none (sender IP is 143.125.247.12) smtp.mailfrom=admin@www.makinoseiki.co.jp smtp.helo=www.makinoseiki.co.jp
Received-SPF: none (115x166x152x187.svshost.com: no valid SPF record)
Received: (qmail 23310 invoked by VF by uid 800001); 26 Aug 2024 17:58:19 +0900
X-Vade-Tracker: score=0, verdict=clean, state=0

As you can see, web server ip of 143.125.247.12 is registered in SPF. But receivd heater tells me SPF none. What is going on?

Please don’t do that when asking others to help you. It wastes their time and can diminish interest in your request. If you must obscure a domain nave, use a resevered name like example.com to make it obvious.

That IP is in the SPF for makinoseiki.co.jp, but you aren’t sending mail claiming to be from that domain. You are sending mail from www.makinoseiki.co.jp, which has no SPF record. You need to publish an SPF record for www if you want to evaluate email addresses s that end in @www.makinoseiki.co.jp

2 Likes

Thanks for your comments!
Yes, I’ll make a note.

The mail-from domain must be exactly same as the one in SPF record name. That’s what I tought too after checking later.
My customer contacted web hosting company if they can chenage mail-from, but they said no. Also DKIM is not supported either.
So to solve this issue, I must create another DNS zone of www.makinoseiki.co.jp and publish SPF record there.

You shouldn’t need to create another DNS zone. Just publish the appropriate TXT record in the current zone at the www label.

Sorry, I am a bit confused now.

DNS zone record already has www which is A record. Is it possible to have TXT record of www?
I tought SPF record can be created only 1 for each zone.
Is it possible to have mutiple SPF records if names are different?

Unless there is a CNAME present, a label can have more than one record. Only one TXT record per label can be an SPF record or they will be invalidated. As long as the SPF records are at different labels, more than one in a zone is fine.

1 Like

Thank you so much! It’s really good to know. I searched on web, but I couldn’t find.

1 Like