The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cpanel SPF Generator - Input Validation?

Discussion in 'General Discussion' started by n8whnp, Oct 7, 2009.

  1. n8whnp

    n8whnp Member
    Staff Member

    Joined:
    Sep 2, 2007
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    Does the cpanel SPF generator preform any kind of input validation? I am seeing instances where infinite recursion loops are being preformed in a spf record:

    i.e.

    domain1.com. 14400 IN TXT "v=spf1 a mx include:domain2.com ~all"

    and

    domain2.com. 14400 IN TXT "v=spf1 a mx include:domain1.com ~all"

    This causes you to hit the 10 check_host() limit as described in RFC 4408 (Section 10.1.) which means you allow customers to create records which will get their mail flagged as spam for failing to have working SPF records.

    If you want to make this happen, just put multiple domains in the include list from the same cpanel account and select: Overwrite Existing Entries.
     
  2. Owen.formerlyof

    Owen.formerlyof Registered

    Joined:
    Oct 8, 2009
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    I have a couple of questions that could help me track this issue down.

    1) How did the ~ flag get set on all?
    2) Is one or more of these domains an addon domain?
    3) Are the entries in the same zone on different zones?
     
Loading...

Share This Page