nanog mailing list archives

RE: amazon.com multiple SPF records


From: Jean St-Laurent via NANOG <nanog () nanog org>
Date: Mon, 7 Jun 2021 13:17:28 -0400

What is spf2.0/pra?

Is this new?

Jean

From: NANOG <nanog-bounces+jean=ddostest.me () nanog org> On Behalf Of Alec Peterson
Sent: June 7, 2021 10:35 AM
To: Brad Barnett <lists () l8r net>
Cc: nanog () nanog org
Subject: Re: amazon.com multiple SPF records

Hmm, are you sure?

[ec2-user@ip-10-0-0-50 ~]$ dig amazon.com txt +short|grep spf
"v=spf1 include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"
"spf2.0/pra include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"
[ec2-user@ip-10-0-0-50 ~]$

On Mon, Jun 7, 2021 at 7:22 AM Brad Barnett <lists () l8r net> wrote:

If anyone at Amazon is paying attention, you have duplicate spf1 records
for amazon.com:

# dig -t TXT amazon.com | grep spf
amazon.com.             281     IN      TXT     "spf2.0/pra include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"
amazon.com.             281     IN      TXT     "v=spf1 include: amazon.com include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"
amazon.com.             281     IN      TXT     "v=spf1 include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"

It's causing mail deliverability issues, so users cannot reset their
password, or even get OTP codes reliably.

(I don't know where else to post, as whois/arin contacts aren't
responding, and I can't even imagine trying to go through other methods
of support...)
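
The record-selection rule behind this thread, as an added example that is not part of the original posts: RFC 7208 section 4.5 has a verifier discard TXT records whose version section is not exactly "v=spf1" and return permerror when more than one record remains, so a "spf2.0/pra" (Sender ID, RFC 4406) record does not count as a duplicate but a second "v=spf1" record does. The function names are assumptions, and the sample TXT strings are constructed from the two dig outputs quoted above.

```python
# Added example: SPF record selection as described in RFC 7208 section 4.5.
# The TXT strings below are constructed from the dig output quoted in this thread.
BRAD_VIEW = [
    '"spf2.0/pra include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"',
    '"v=spf1 include: amazon.com include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"',
    '"v=spf1 include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"',
]
ALEC_VIEW = [
    '"v=spf1 include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"',
    '"spf2.0/pra include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"',
]


def spf1_records(txt_records):
    """Keep only TXT records whose version section is exactly "v=spf1"."""
    kept = []
    for txt in txt_records:
        value = txt.strip().strip('"')  # accept lines as printed by dig +short
        # The version section ends at the first space or at the end of the record.
        version = value.split(" ", 1)[0].lower()
        if version == "v=spf1":
            kept.append(value)
    return kept


def select_spf_policy(txt_records):
    """Return (outcome, record): "none", "permerror" or "selected"."""
    candidates = spf1_records(txt_records)
    if not candidates:
        return ("none", None)        # no SPF policy published
    if len(candidates) > 1:
        return ("permerror", None)   # more than one v=spf1 record
    return ("selected", candidates[0])


if __name__ == "__main__":
    for name, view in (("Brad", BRAD_VIEW), ("Alec", ALEC_VIEW)):
        outcome, record = select_spf_policy(view)
        print(f"{name}: {outcome} {record or ''}")
```
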

