Cpanel SPF Generator - Input Validation?

N

n8whnp

Member
Sep 2, 2007
13
0
51
Does the cpanel SPF generator preform any kind of input validation? I am seeing instances where infinite recursion loops are being preformed in a spf record:

i.e.

domain1.com. 14400 IN TXT "v=spf1 a mx include:domain2.com ~all"

and

domain2.com. 14400 IN TXT "v=spf1 a mx include:domain1.com ~all"

This causes you to hit the 10 check_host() limit as described in RFC 4408 (Section 10.1.) which means you allow customers to create records which will get their mail flagged as spam for failing to have working SPF records.

If you want to make this happen, just put multiple domains in the include list from the same cpanel account and select: Overwrite Existing Entries.
 
O

Owen.formerlyof

Registered
Oct 8, 2009
1
0
51
I have a couple of questions that could help me track this issue down.

1) How did the ~ flag get set on all?
2) Is one or more of these domains an addon domain?
3) Are the entries in the same zone on different zones?
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
M old cPanel edit SPF record Email 3
P [CPANEL-31754] SPF false positive, fails on valid senders after upgrade Email 37
C SOLVED SPF record configuration via Cpanel Email 2
4 SOLVED [CPANEL-30649] Misleading message on "Email Deliverability" SPF / DKIM option. Email 20
V how to fix cpanel spf and dkim generator scripts for my configuration Email 1
Similar threads
old cPanel edit SPF record
[CPANEL-31754] SPF false positive, fails on valid senders after upgrade
SOLVED SPF record configuration via Cpanel
SOLVED [CPANEL-30649] Misleading message on "Email Deliverability" SPF / DKIM option.
how to fix cpanel spf and dkim generator scripts for my configuration
Top Bottom