amazon.com multiple SPF records
If anyone at Amazon is paying attention, you have duplicate spf1 records for amazon.com: # dig -t TXT amazon.com | grep spf amazon.com. 281 IN TXT "spf2.0/pra include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all" amazon.com. 281 IN TXT "v=spf1 include: amazon.com include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all" amazon.com. 281 IN TXT "v=spf1 include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all" It's causing mail deliverability issues, so users cannot reset their password, or even get OTP codes reliably. (I don't know where else to post, as whois/arin contacts aren't responding, and I can't even imagine trying to go through other methods of support...)
Not on my servers, but I clearly just did a lookup. C:\Users\jluthman>dig -t TXT amazon.com|findstr spf amazon.com. 900 IN TXT "spf2.0/pra include: spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all" amazon.com. 900 IN TXT "v=spf1 include: spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all" Josh Luthman 24/7 Help Desk: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Mon, Jun 7, 2021 at 10:19 AM Brad Barnett <lists@l8r.net> wrote:
If anyone at Amazon is paying attention, you have duplicate spf1 records for amazon.com:
# dig -t TXT amazon.com | grep spf amazon.com. 281 IN TXT "spf2.0/pra include: spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all" amazon.com. 281 IN TXT "v=spf1 include: amazon.com include:spf1.amazon.com include:spf2.amazon.com include: amazonses.com -all" amazon.com. 281 IN TXT "v=spf1 include: spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"
It's causing mail deliverability issues, so users cannot reset their password, or even get OTP codes reliably.
(I don't know where else to post, as whois/arin contacts aren't responding, and I can't even imagine trying to go through other methods of support...)
On Sat, Jun 05, 2021 at 07:59:40AM -0400, Brad Barnett <lists@L8R.net> wrote a message of 15 lines which said:
If anyone at Amazon is paying attention, you have duplicate spf1 records for amazon.com:
If so, it is now gone. Not one RIPE Atlas probe see this duplication: % blaeu-resolve -r 100 --ednssize 4096 --type TXT amazon.com ["facebook-domain-verification=d9u57u52gylohx845ogo1axzpywpmq" "google-site-verification=14wgw2mdnmxchg8plinf7lgqqe0owwhqoq0hkhb7rdq" "ms=4b600b22799eb2cac0d8ff0a3a3caeca5ee2bf3a" "pardot326621=b26a7b44d7c73d119ef9dfd1a24d93c77d583ac50ba4ecedd899a9134734403b" "spf2.0/pra include:spf1.amazon.com include:spf2.amazon.com include:amazonses.co "v=spf1 include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -a "wrike-verification=mzi3nzm2odo2ndk5mje4njq2mwjmotewmgmxm2mznzjmnwjly2u5zdu4mmvl] : 95 occurrences [ (TRUNCATED - EDNS buffer size was 4096 ) ] : 1 occurrences Test #30676407 done at 2021-06-07T14:31:16Z
Hmm, are you sure? [ec2-user@ip-10-0-0-50 ~]$ dig amazon.com txt +short|grep spf "v=spf1 include:spf1.amazon.com include:spf2.amazon.com include: amazonses.com -all" "spf2.0/pra include:spf1.amazon.com include:spf2.amazon.com include: amazonses.com -all" [ec2-user@ip-10-0-0-50 ~]$ On Mon, Jun 7, 2021 at 7:22 AM Brad Barnett <lists@l8r.net> wrote:
If anyone at Amazon is paying attention, you have duplicate spf1 records for amazon.com:
# dig -t TXT amazon.com | grep spf amazon.com. 281 IN TXT "spf2.0/pra include: spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all" amazon.com. 281 IN TXT "v=spf1 include: amazon.com include:spf1.amazon.com include:spf2.amazon.com include: amazonses.com -all" amazon.com. 281 IN TXT "v=spf1 include: spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"
It's causing mail deliverability issues, so users cannot reset their password, or even get OTP codes reliably.
(I don't know where else to post, as whois/arin contacts aren't responding, and I can't even imagine trying to go through other methods of support...)
What is spf2.0/pra ? Is this new? Jean From: NANOG <nanog-bounces+jean=ddostest.me@nanog.org> On Behalf Of Alec Peterson Sent: June 7, 2021 10:35 AM To: Brad Barnett <lists@l8r.net> Cc: nanog@nanog.org Subject: Re: amazon.com multiple SPF records Hmm, are you sure? [ec2-user@ip-10-0-0-50 ~]$ dig amazon.com <http://amazon.com> txt +short|grep spf "v=spf1 include:spf1.amazon.com <http://spf1.amazon.com> include:spf2.amazon.com <http://spf2.amazon.com> include:amazonses.com <http://amazonses.com> -all" "spf2.0/pra include:spf1.amazon.com <http://spf1.amazon.com> include:spf2.amazon.com <http://spf2.amazon.com> include:amazonses.com <http://amazonses.com> -all" [ec2-user@ip-10-0-0-50 ~]$ On Mon, Jun 7, 2021 at 7:22 AM Brad Barnett <lists@l8r.net <mailto:lists@l8r.net> > wrote: If anyone at Amazon is paying attention, you have duplicate spf1 records for amazon.com <http://amazon.com> : # dig -t TXT amazon.com <http://amazon.com> | grep spf amazon.com <http://amazon.com> . 281 IN TXT "spf2.0/pra include:spf1.amazon.com <http://spf1.amazon.com> include:spf2.amazon.com <http://spf2.amazon.com> include:amazonses.com <http://amazonses.com> -all" amazon.com <http://amazon.com> . 281 IN TXT "v=spf1 include: amazon.com <http://amazon.com> include:spf1.amazon.com <http://spf1.amazon.com> include:spf2.amazon.com <http://spf2.amazon.com> include:amazonses.com <http://amazonses.com> -all" amazon.com <http://amazon.com> . 281 IN TXT "v=spf1 include:spf1.amazon.com <http://spf1.amazon.com> include:spf2.amazon.com <http://spf2.amazon.com> include:amazonses.com <http://amazonses.com> -all" It's causing mail deliverability issues, so users cannot reset their password, or even get OTP codes reliably. (I don't know where else to post, as whois/arin contacts aren't responding, and I can't even imagine trying to go through other methods of support...)
SPF 2.0 was used to designate a SenderID policy. It was experimental and never saw widespread adoption. On Mon, Jun 7, 2021 at 1:19 PM Jean St-Laurent via NANOG <nanog@nanog.org> wrote:
What is spf2.0/pra ?
Is this new?
Jean
*From:* NANOG <nanog-bounces+jean=ddostest.me@nanog.org> *On Behalf Of *Alec Peterson *Sent:* June 7, 2021 10:35 AM *To:* Brad Barnett <lists@l8r.net> *Cc:* nanog@nanog.org *Subject:* Re: amazon.com multiple SPF records
Hmm, are you sure?
[ec2-user@ip-10-0-0-50 ~]$ dig amazon.com txt +short|grep spf "v=spf1 include:spf1.amazon.com include:spf2.amazon.com include: amazonses.com -all" "spf2.0/pra include:spf1.amazon.com include:spf2.amazon.com include: amazonses.com -all" [ec2-user@ip-10-0-0-50 ~]$
On Mon, Jun 7, 2021 at 7:22 AM Brad Barnett <lists@l8r.net> wrote:
If anyone at Amazon is paying attention, you have duplicate spf1 records for amazon.com:
# dig -t TXT amazon.com | grep spf amazon.com. 281 IN TXT "spf2.0/pra include: spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all" amazon.com. 281 IN TXT "v=spf1 include: amazon.com include:spf1.amazon.com include:spf2.amazon.com include: amazonses.com -all" amazon.com. 281 IN TXT "v=spf1 include: spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all"
It's causing mail deliverability issues, so users cannot reset their password, or even get OTP codes reliably.
(I don't know where else to post, as whois/arin contacts aren't responding, and I can't even imagine trying to go through other methods of support...)
-- Jonathan Leist Senior Systems Engineer
Jean St-Laurent via NANOG <nanog@nanog.org> writes:
What is spf2.0/pra ?
https://datatracker.ietf.org/doc/html/rfc4406 It doesn't say April 1st, but it is pretty close.... Bjørn
Thanks for the update. Is amazon publishing that old techno since long time or it just appeared recently? I don’t recall seeing that with amazon-ses.com. Jean From: NANOG <nanog-bounces+jean=ddostest.me@nanog.org> On Behalf Of Matthew V Sent: June 7, 2021 2:07 PM To: nanog@nanog.org Subject: Re: amazon.com multiple SPF records On 2021-06-07 1:17 p.m., Jean St-Laurent via NANOG wrote: What is spf2.0/pra ? Is this new? This is the old (now widely abandoned/depreciated) Sender ID standard. ~ Matt
participants (8)
-
Alec Peterson -
Bjørn Mork -
Brad Barnett -
Jean St-Laurent -
Jonathan Leist -
Josh Luthman -
Matthew V -
Stephane Bortzmeyer