Failed SPF infusionmail.com IPs

Max Classic
1

Martin, we updated our SPF record back to that suggested by your admins. Below you’ll find a DMARC report with several infusionmail ips that are failing SPF. They are: 35.227.130.41, 35.227.130.44, 35.227.130.47, 35.227.130.56, 35.227.130.59, and 35.227.130.62

Thank you for looking into this.

Regards,

Ian

<?xml version="1.0" encoding="UTF-8" ?> 
<feedback>
  <report_metadata>
    <org_name>google.com</org_name>
    <email>noreply-dmarc-support@google.com</email>
    <extra_contact_info>https://support.google.com/a/answer/2466580</extra_contact_info>
    <report_id>9735508897688688655</report_id>
    <date_range>
      <begin>1536537600</begin>
      <end>1536623999</end>
    </date_range>
  </report_metadata>
  <policy_published>
    <domain>themarkofmastery.com</domain>
    <adkim>r</adkim>
    <aspf>r</aspf>
    <p>none</p>
    <sp>none</sp>
    <pct>100</pct>
  </policy_published>
  <record>
    <row>
      <source_ip>35.227.130.47</source_ip>
      <count>1</count>
      <policy_evaluated>
        <disposition>none</disposition>
        <dkim>pass</dkim>
        <spf>fail</spf>
      </policy_evaluated>
    </row>
    <identifiers>
      <header_from>themarkofmastery.com</header_from>
    </identifiers>
    <auth_results>
      <dkim>
        <domain>infusionmail.com</domain>
        <result>pass</result>
        <selector>dkim1024</selector>
      </dkim>
      <dkim>
        <domain>themarkofmastery.com</domain>
        <result>pass</result>
        <selector>1d484db4-fb80-488c-a059-2a8d52b56453</selector>
      </dkim>
      <spf>
        <domain>infusionmail.com</domain>
        <result>pass</result>
      </spf>
    </auth_results>
  </record>
  <record>
    <row>
      <source_ip>35.227.130.62</source_ip>
      <count>1</count>
      <policy_evaluated>
        <disposition>none</disposition>
        <dkim>pass</dkim>
        <spf>fail</spf>
      </policy_evaluated>
    </row>
    <identifiers>
      <header_from>themarkofmastery.com</header_from>
    </identifiers>
    <auth_results>
      <dkim>
        <domain>infusionmail.com</domain>
        <result>pass</result>
        <selector>dkim1024</selector>
      </dkim>
      <dkim>
        <domain>themarkofmastery.com</domain>
        <result>pass</result>
        <selector>1d484db4-fb80-488c-a059-2a8d52b56453</selector>
      </dkim>
      <spf>
        <domain>infusionmail.com</domain>
        <result>pass</result>
      </spf>
    </auth_results>
  </record>
  <record>
    <row>
      <source_ip>35.227.130.59</source_ip>
      <count>2</count>
      <policy_evaluated>
        <disposition>none</disposition>
        <dkim>pass</dkim>
        <spf>fail</spf>
      </policy_evaluated>
    </row>
    <identifiers>
      <header_from>themarkofmastery.com</header_from>
    </identifiers>
    <auth_results>
      <dkim>
        <domain>infusionmail.com</domain>
        <result>pass</result>
        <selector>dkim1024</selector>
      </dkim>
      <dkim>
        <domain>themarkofmastery.com</domain>
        <result>pass</result>
        <selector>1d484db4-fb80-488c-a059-2a8d52b56453</selector>
      </dkim>
      <spf>
        <domain>infusionmail.com</domain>
        <result>pass</result>
      </spf>
    </auth_results>
  </record>
  <record>
    <row>
      <source_ip>35.227.130.56</source_ip>
      <count>1</count>
      <policy_evaluated>
        <disposition>none</disposition>
        <dkim>pass</dkim>
        <spf>fail</spf>
      </policy_evaluated>
    </row>
    <identifiers>
      <header_from>themarkofmastery.com</header_from>
    </identifiers>
    <auth_results>
      <dkim>
        <domain>infusionmail.com</domain>
        <result>pass</result>
        <selector>dkim1024</selector>
      </dkim>
      <dkim>
        <domain>themarkofmastery.com</domain>
        <result>pass</result>
        <selector>1d484db4-fb80-488c-a059-2a8d52b56453</selector>
      </dkim>
      <spf>
        <domain>infusionmail.com</domain>
        <result>pass</result>
      </spf>
    </auth_results>
  </record>
  <record>
    <row>
      <source_ip>35.227.130.44</source_ip>
      <count>1</count>
      <policy_evaluated>
        <disposition>none</disposition>
        <dkim>pass</dkim>
        <spf>fail</spf>
      </policy_evaluated>
    </row>
    <identifiers>
      <header_from>themarkofmastery.com</header_from>
    </identifiers>
    <auth_results>
      <dkim>
        <domain>infusionmail.com</domain>
        <result>pass</result>
        <selector>dkim1024</selector>
      </dkim>
      <dkim>
        <domain>themarkofmastery.com</domain>
        <result>pass</result>
        <selector>1d484db4-fb80-488c-a059-2a8d52b56453</selector>
      </dkim>
      <spf>
        <domain>infusionmail.com</domain>
        <result>pass</result>
      </spf>
    </auth_results>
  </record>
  <record>
    <row>
      <source_ip>35.227.130.41</source_ip>
      <count>1</count>
      <policy_evaluated>
        <disposition>none</disposition>
        <dkim>pass</dkim>
        <spf>fail</spf>
      </policy_evaluated>
    </row>
    <identifiers>
      <header_from>themarkofmastery.com</header_from>
    </identifiers>
    <auth_results>
      <dkim>
        <domain>infusionmail.com</domain>
        <result>pass</result>
        <selector>dkim1024</selector>
      </dkim>
      <dkim>
        <domain>themarkofmastery.com</domain>
        <result>pass</result>
        <selector>1d484db4-fb80-488c-a059-2a8d52b56453</selector>
      </dkim>
      <spf>
        <domain>infusionmail.com</domain>
        <result>pass</result>
      </spf>
    </auth_results>
  </record>
</feedback>
1 Like
2

Here is another:
<?xml version="1.0"?>

<report_metadata>
<org_name>Yahoo! Inc.</org_name>
postmaster@dmarc.yahoo.com
<report_id>1537147251.912469</report_id>
<date_range>
1537056000
1537142399
</date_range>
</report_metadata>
<policy_published>
themarkofmastery.com
r
r

none


100
</policy_published>


<source_ip>35.227.130.46</source_ip>
1
<policy_evaluated>
none
pass
fail
</policy_evaluated>


<header_from>themarkofmastery.com</header_from>

<auth_results>

themarkofmastery.com
pass


infusionmail.com
pass

</auth_results>

5

It seems there’s some confusion on how to interpret the DMARC reports. Those IPs are not failing SPF. The infusionmail.com SPF record clearly allows them:

v=spf1 a:infusionsoft.com ip4:208.76.24.0/22 ip4:35.227.130.0/24 ip4:70.166.203.186 ip4:70.166.203.176/28 ip4:70.166.189.64/29 -all

All of those IPs fall within the 35.227.130.0/24 IP range allowed by infusionmail.com’s SPF record. Instead, they are failing SPF alignment. The domain used in the “MAIL FROM” portion of the SMTP transaction is “infusionmail.com”. The domain used in the “From:” header of the email is “themarkofmastery.com”. Therefore, even though SPF passes (infusionmail.com authorizes IP addresses within the 35.227.130.0/24 range), it fails DMARC’s alignment requirements.

DMARC requires that either SPF or DMARC passes and is aligned, not both. Infusionsoft is DMARC-compliant through the use of DKIM, which does pass alignment (as shown in your DMARC report). We will not pass DMARC’s SPF alignment test since we do not use your domain as the sending domain during the “MAIL FROM” portion of the SMTP transaction. This is intentional - the “MAIL FROM” email address is also the “Return-Path” address where bounce notifications are sent, which allows us to remove invalid email addresses from your list to preserve your (and our) deliverability.

3 Likes
6

Thank you for clarifying! We will tighten down our SPF record and consider this resolved.

1 Like