Here's what I get: spfqtool -d 255 -e 1 -i 1.2.3.4 -h mail.example.com -s service@paypal.com SPF Query Tool v0.4 - James Couzens <jcouzens@codeshare.ca> [DEBUG]: Debugging level: 255 [DEBUG]: RFC2821 Mail From: service@paypal.com [DEBUG]: RFC2821 HELO: mail.example.com [DEBUG]: Purported address: 1.2.3.4 [DEBUG]: SPF Explanation: Enabled [DEBUG]: Trusted Forwarder: Disabled [DEBUG]: Best Guess: Disabled SPF short result: softfail SPF verbose result: policy result: [softfail] from rule [~all] SPF explanation: NULL RFC2822 header: Received-SPF: softfail (mail.example.com: domain of transitioning service@paypal.com does not designate 1.2.3.4 as permitted sender) receiver=mail.example.com; client_ip=1.2.3.4; envelope-from=service@paypal.com; This is the correct result. It may be that paypal.com had a broken SPF record at one point and they've fixed it now. It may have also been a transient DNS problem. Scott K
Attachment:
signature.asc
Description: This is a digitally signed message part.