amazon.com multiple SPF records

• Previous message (by thread): amazon.com multiple SPF records
• Next message (by thread): amazon.com multiple SPF records
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

What is spf2.0/pra ?

 

Is this new?

 

Jean

 

From: NANOG <nanog-bounces+jean=ddostest.me at nanog.org> On Behalf Of Alec Peterson
Sent: June 7, 2021 10:35 AM
To: Brad Barnett <lists at l8r.net>
Cc: nanog at nanog.org
Subject: Re: amazon.com multiple SPF records

 

Hmm, are you sure?

 

[ec2-user at ip-10-0-0-50 ~]$ dig amazon.com <http://amazon.com>  txt +short|grep spf
"v=spf1 include:spf1.amazon.com <http://spf1.amazon.com>  include:spf2.amazon.com <http://spf2.amazon.com>  include:amazonses.com <http://amazonses.com>  -all"
"spf2.0/pra include:spf1.amazon.com <http://spf1.amazon.com>  include:spf2.amazon.com <http://spf2.amazon.com>  include:amazonses.com <http://amazonses.com>  -all"
[ec2-user at ip-10-0-0-50 ~]$ 

 

On Mon, Jun 7, 2021 at 7:22 AM Brad Barnett <lists at l8r.net <mailto:lists at l8r.net> > wrote:


If anyone at Amazon is paying attention, you have duplicate spf1 records
for amazon.com <http://amazon.com> :

# dig -t TXT amazon.com <http://amazon.com>  | grep spf
amazon.com <http://amazon.com> .             281     IN      TXT     "spf2.0/pra include:spf1.amazon.com <http://spf1.amazon.com>  include:spf2.amazon.com <http://spf2.amazon.com>  include:amazonses.com <http://amazonses.com>  -all"
amazon.com <http://amazon.com> .             281     IN      TXT     "v=spf1 include: amazon.com <http://amazon.com>  include:spf1.amazon.com <http://spf1.amazon.com>  include:spf2.amazon.com <http://spf2.amazon.com>  include:amazonses.com <http://amazonses.com>  -all"
amazon.com <http://amazon.com> .             281     IN      TXT     "v=spf1 include:spf1.amazon.com <http://spf1.amazon.com>  include:spf2.amazon.com <http://spf2.amazon.com>  include:amazonses.com <http://amazonses.com>  -all"

It's causing mail deliverability issues, so users cannot reset their
password, or even get OTP codes reliably.

(I don't know where else to post, as whois/arin contacts aren't
responding, and I can't even imagine trying to go through other methods
of support...)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20210607/94542a6b/attachment.html>

• Previous message (by thread): amazon.com multiple SPF records
• Next message (by thread): amazon.com multiple SPF records
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]