22 Feb
2025
22 Feb
'25
2:30 p.m.
Hi,
According to
https://easydmarc.com/tools/spf-lookup?domain=ianhobson.com the
spf is set up correctly, and it has been for well over the TTL
of 1 hour.
This may not be enough for all of gmail's infrastructure to catch up. I
don't know what they do in there.
If I read this correctly, spf authentication failed.
The spf entry is TXT, NAME=@ DATA="v=spf1 ~all" no quotes.
Anyone got any idea what might be happening?
I have heard (not sure if read or assumed somehow over the years) that
Google prefers to see "-all" (hard fail) rather than "~all" (soft
fail).
Anecdotally, of the domains I run all from my Bitfolk VPS, the ones with
"-all" policies do better than the ones with "~all" policies wrt gmail
delivery and gmail inbox (rather than spam folder) delivery.
I draw that anecdata from domains that don't do DKIM or DMARC but I'm not
sure how much "reputation" I've got from having sent mail consistently from
those domains over years and across multiple gmail policy changes. I send
little enough mail that Google's postmaster tools has nothing to say about
my domains.
Best wishes,
@ndy
--
andyjpb(a)ashurst.eu.org
http://www.ashurst.eu.org/
0x7EBA75FF