Here's what I get: spfqtool -d 255 -e 1 -i 22.214.171.124 -h mail.example.com -s email@example.com SPF Query Tool v0.4 - James Couzens <firstname.lastname@example.org> [DEBUG]: Debugging level: 255 [DEBUG]: RFC2821 Mail From: email@example.com [DEBUG]: RFC2821 HELO: mail.example.com [DEBUG]: Purported address: 126.96.36.199 [DEBUG]: SPF Explanation: Enabled [DEBUG]: Trusted Forwarder: Disabled [DEBUG]: Best Guess: Disabled SPF short result: softfail SPF verbose result: policy result: [softfail] from rule [~all] SPF explanation: NULL RFC2822 header: Received-SPF: softfail (mail.example.com: domain of transitioning firstname.lastname@example.org does not designate 188.8.131.52 as permitted sender) receiver=mail.example.com; client_ip=184.108.40.206; email@example.com; This is the correct result. It may be that paypal.com had a broken SPF record at one point and they've fixed it now. It may have also been a transient DNS problem. Scott K
Description: This is a digitally signed message part.