Here's what I get: spfqtool -d 255 -e 1 -i 18.104.22.168 -h mail.example.com -s firstname.lastname@example.org SPF Query Tool v0.4 - James Couzens <email@example.com> [DEBUG]: Debugging level: 255 [DEBUG]: RFC2821 Mail From: firstname.lastname@example.org [DEBUG]: RFC2821 HELO: mail.example.com [DEBUG]: Purported address: 22.214.171.124 [DEBUG]: SPF Explanation: Enabled [DEBUG]: Trusted Forwarder: Disabled [DEBUG]: Best Guess: Disabled SPF short result: softfail SPF verbose result: policy result: [softfail] from rule [~all] SPF explanation: NULL RFC2822 header: Received-SPF: softfail (mail.example.com: domain of transitioning email@example.com does not designate 126.96.36.199 as permitted sender) receiver=mail.example.com; client_ip=188.8.131.52; firstname.lastname@example.org; This is the correct result. It may be that paypal.com had a broken SPF record at one point and they've fixed it now. It may have also been a transient DNS problem. Scott K
Description: This is a digitally signed message part.