Почему электронная почта поставляет обычно несмотря на SPF “hardfail”?
Ошибка указывает, что scriptResourceHandler определяется дважды. Ключ не является 500.19 (что-то плохо произошло в конфигурации), это - текст ошибки.
Это довольно характерно для хит это с scriptResourceHandler.
Короче говоря: удалите его из web.config приложения, и это должно работать. С другой стороны, добавьте a или запись для него в web.config, затем повторно добавьте его.
Это, вероятно, определило выше в иерархии конфигурации где-нибудь.
SPF is so badly configured by so many sites that receiving MTAs often count hardfail as advisory only, and merely factor it into their spam detection scores. In the end it's up to the MTA's administrator as to how SPF failures will be treated.
SPF error conditions do not indicate anything about the desired policy. As such they provide no guidance as to whether or not to accept the message. It is possible that the intended policy is +all. It is normal to accept mail in this case. It appears Google is being lenient with this domains failure to comply with the standard.
Even SPF policy rejections (-all) are unreliable when validating sender addresses. There are a number of cases where rejecting such mail would be inappropriate including:
- Mail sent by contracted mailers (These people get paid to violate the policy.);
- Mail sent from web forms and other such automated system;
- Mail forwarded by mailing lists or other forwarding mechanisms; and
- Just plain misconfiguration of the SPF records (not common, but not rare enough).
I run a fairly small server where I can defer on hard-fails. This allows me to white list legitimate failures. If the sender notices the mail isn't get delivered, they may fix their configuration. In some cases I will attempt to contact the relevant postmaster, but many domains don't have a postmaster address.
Users who want to enforce a stronger policy can use DMARC, which is not yet a standard. Mail is still likely to be delivered, but may be quarantined or rejected as specified in that policy. Mail which fails the policy may to be delivered to the spam folder, rather than the normal inbox.
SPF hard fails do seem to be reliable to validate the sending server's identity. I did some research a while ago, and found that even soft fails on the HELO name are a reasonable reason to fail or defer incoming messages.
Many mail servers don't have an SPF record. If the mail server does not have an SPF record, I check against the parent domain for an an SPF record. This is non-standard, but effective. I encourage email administrators to ensure there is a an SPF record for the servers IP as listed in the PTR record. Your server should identify itself by the name returned by its PTR record as well. Verify you have a corresponding A record for reverse DNS verification.