Jonathan Leist
Senior Systems Engineer
What is spf2.0/pra ?
Is this new?
Jean
From: NANOG <nanog-bounces+jean=ddostest.me@nanog.org> On Behalf Of Alec Peterson
Sent: June 7, 2021 10:35 AM
To: Brad Barnett <lists@l8r.net>
Cc: nanog@nanog.org
Subject: Re: amazon.com multiple SPF records
Hmm, are you sure?
[ec2-user@ip-10-0-0-50 ~]$ dig amazon.com txt +short|grep spf
"v=spf1 include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"
"spf2.0/pra include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"
[ec2-user@ip-10-0-0-50 ~]$
On Mon, Jun 7, 2021 at 7:22 AM Brad Barnett <lists@l8r.net> wrote:
If anyone at Amazon is paying attention, you have duplicate spf1 records
for amazon.com:
# dig -t TXT amazon.com | grep spf
amazon.com. 281 IN TXT "spf2.0/pra include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"
amazon.com. 281 IN TXT "v=spf1 include: amazon.com include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"
amazon.com. 281 IN TXT "v=spf1 include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"
It's causing mail deliverability issues, so users cannot reset their
password, or even get OTP codes reliably.
(I don't know where else to post, as whois/arin contacts aren't
responding, and I can't even imagine trying to go through other methods
of support...)