Closed Pascal76 closed 8 years ago
Hi,
I can't test your lookup right now, but can you tell me what this outputs on your env?
<?php
var_dump(dns_get_record('news2.cdiscount.com', DNS_A | DNS_AAAA));
var_dump(dns_get_record('google.fr', DNS_A | DNS_AAAA));
From what I see, it would seem that you have a resolution problem on your web server
<?php
require 'vendor/autoload.php';
use Mika56\SPFCheck\SPFCheck; use Mika56\SPFCheck\DNSRecordGetter;
$checker = new SPFCheck(new DNSRecordGetter());
var_dump(dns_get_record('news2.cdiscount.com', DNS_A | DNS_AAAA)); var_dump(dns_get_record('google.fr', DNS_A | DNS_AAAA));
?>
php test3.php array(0) { } array(2) { [0]=> array(5) { ["host"]=> string(9) "google.fr" ["class"]=> string(2) "IN" ["ttl"]=> int(290) ["type"]=> string(1) "A" ["ip"]=> string(14) "172.217.18.227" } [1]=> array(5) { ["host"]=> string(9) "google.fr" ["class"]=> string(2) "IN" ["ttl"]=> int(291) ["type"]=> string(4) "AAAA" ["ipv6"]=> string(24) "2a00:1450:4007:80c::2003" } }
I think news2.cdiscount.com don't have A record even thougth declared on spf TXT record and that your app crashes when there is no A (or others ?) record as its expects to
Okay, I know what's wrong.
The domain news2.cdiscount.com has no associated A record.
The SPF record of news2.cdiscount.com is v=spf1 a mx ip4:83.206.208.128/25 ip4:81.252.92.0/23 ip4:86.64.210.0/23 ip4:195.62.74.0/23 ip4:213.56.211.64/26 ip4:81.252.251.70/32 ip4:157.55.234.253 ip4:217.109.56.0/24 ip4:62.122.9.0/24 include:spf.protection.outlook.com ~all
. First mechanism is a
, which means the script has to check IP against A records (which there are none).
I think this shouldn't be a problem, it should just not match (at least that mechanism). I'll try to find what the correct behaviour should be. I hope to push a fix tomorrow.
thank you :)
by the way if I do multiple $result = $checker->isIPAllowed($row['ip'], $row['return_path_domain']); for the same returnpath domain, it is slow. Do you resolve every time without cache ? (my dns cache seems to no be used too...)
This should be fixed in master right now. I've opened #8 for the cache issue
Hi
did I do something wrong ?
var_dump($checker->isIPAllowed('217.109.56.203', 'news2.cdiscount.com'));
[23-Aug-2016 00:00:29 Europe/Paris] PHP Fatal error: Uncaught exception 'Mika56\SPFCheck\Exception\DNSLookupException' in /apache_sites/jbm/spf/vendor/mika56/spfcheck/src/DNSRecordGetter.php:45 Stack trace:
0 /apache_sites/jbm/spf/vendor/mika56/spfcheck/src/SPFCheck.php(143): Mika56\SPFCheck\DNSRecordGetter->resolveA('news2.cdiscount...')
1 /apache_sites/jbm/spf/vendor/mika56/spfcheck/src/SPFCheck.php(85): Mika56\SPFCheck\SPFCheck->ipMatchesPart('217.109.56.203', 'a', 'news2.cdiscount...')
2 /apache_sites/jbm/spf/vendor/mika56/spfcheck/src/SPFCheck.php(61): Mika56\SPFCheck\SPFCheck->doCheck('217.109.56.203', 'news2.cdiscount...')
3 /apache_sites/jbm/spf/test.php(9): Mika56\SPFCheck\SPFCheck->isIPAllowed('217.109.56.203', 'news2.cdiscount...')
4 {main}
thrown in /apache_sites/jbm/spf/vendor/mika56/spfcheck/src/DNSRecordGetter.php on line 45