[Rspamd-Users] SPF DNS Error / R_SPF_DNSFAIL

Carlos Mogas da Silva r3pek at r3pek.org
Wed Jan 4 08:51:20 UTC 2023


On Sun, 2023-01-01 at 17:44 +0100, Max Grobecker wrote:
> I had this problem and tracked it down to a problem consisting of:
>   - Domain has very many and/or large TXT records in APEX (where the SPF record is)
>   - DNS resolver replies with a truncated response to not have to fragment UDP packets and expects you to request
> again via TCP for full answer
>   - Rspamd uses a resolving library which does not do that
> 
> I solved this by using systemd-resolved (which handles this) and pointing Rspamd to 127.0.0.53 to resolve through the
> systemd-resolved service.


Tried setting up systemd-resolved but the problem perssists unfortunately. Really can't understand what its causing this
because a normal "dig" shows the correct results. Also it happens to all domains, not just a couple of them.


More information about the Users mailing list