Hi

I have inherited several websites from my predecessor.
All websites have a contact form.
For one of them though, the contact mail is not delivered to my Outlook 365 account.

I found out (by sending it to Gmail) that this one website contact form sent with
SPF: FAIL met IP-adres xxx.xxx.xxx.xxx

For all other sites, I receive:
SPF: PASS met IP-adres 0.0.0.0

Does anyone have an idea why this one site has an IP address as sender?
And, even more important: how can I remove this?

(Hosts are all the same, email address from the receiver is the same, Drupal version 7.54....)

Best regards
Bart

Comments

John_B’s picture

From the point of the receiving email server, every mail has an IP address as a sender. The SPF records states whether that IP address is the legitimate server to send the email in question. SPF records are used as one method of detecting spam. Google mail is especially picky about SPF records.

This is not a Drupal question. Any email originating from the server in question will face a similar issue, if the SPF record is missing or not correct. You need to log in to the nameserver for your domain and create an SPF record. There are many tutorials on this including some documentation provided by Gmail which you can search for, so I won't attempt to write another here. If you do not have access to the nameserver / DNS for your domain, you need to ask the person who does have such access to set up a correct SPF record for it, on the basis that it will be sending out emails.

Just to be clear, we are talking about setting up an SPF record for the domain which is shown as as 'sent from' address on the email. This will probably be on the same domain as your website's URL. Often but not always this is also the same as the 'reply to' address which goes out in your email headers. I won't say any more because, as I mentioned, setting up a server to be able to deliver email in a way which does not get caught in spam filters is a general topic and not specific to Drupal. An email specialist is better qualified to advise on it than a Drupal specialist.

Digit Professionals specialising in Drupal, WordPress & CiviCRM support for publishers in non-profit and related sectors

Barser’s picture

Hi John

Thank you for your input.

My question did not really relate to the failed spf.
It deals with the fact that there is an IP sent with it.
In all other sites, there is no IP address in the contact form.
But with this one site, there seems to be.
I want to get rid of it, but I don't know how...

So I have to disagree here, it is a Drupal question, because the address gets sent from there...

John_B’s picture

Nothing to do with Drupal. The received from address is detected by the receiving email server. So for example if the email goes from the server hosting the Drupal site, then chokes on an SPF FAIL before it gets into Gmail, you will see Gmail has detected the server's IP as the origin and checked the SPF record for that. If it gets past Gmail's spam filters, and into the internal system, then somewhere in the internal firewall or server it is being relayed with an internal address 0.0.0.0.

None of your sites or contact forms are sending an IP address in the Received from header. The IP address reported in the FAIL for the hop where the SPF test fails (external for the real xxx.xxx.xxx.xxx address, and and internal where it is seeing 0.0.0.0) is being detected from the routing the by the receving server. It is a matter for the sysadmin, and cannot be fixed from the Drupal end.

You would not be seeing the 0.0.0.0. unless there is some kind of internal network running which is obscuring the real origin IP address which is nromally detected from the routing for all your Drupal sites and all other sources of email by the first receiving email server in the chain.

Digit Professionals specialising in Drupal, WordPress & CiviCRM support for publishers in non-profit and related sectors