[Rspamd-Users] SPF DNS Error / R_SPF_DNSFAIL
Carlos Mogas da Silva
r3pek at r3pek.org
Wed Jan 4 08:51:20 UTC 2023
On Sun, 2023-01-01 at 17:44 +0100, Max Grobecker wrote:
> I had this problem and tracked it down to a problem consisting of:
> - Domain has very many and/or large TXT records in APEX (where the SPF record is)
> - DNS resolver replies with a truncated response to not have to fragment UDP packets and expects you to request
> again via TCP for full answer
> - Rspamd uses a resolving library which does not do that
> I solved this by using systemd-resolved (which handles this) and pointing Rspamd to 127.0.0.53 to resolve through the
> systemd-resolved service.
Tried setting up systemd-resolved but the problem perssists unfortunately. Really can't understand what its causing this
because a normal "dig" shows the correct results. Also it happens to all domains, not just a couple of them.
More information about the Users