The patch for spf.py in bug #268030 removes the lifetime argument from the call to dns.resolver.resolve(), causing the DNS timeout to revert to the default 5 seconds and not use the user-provided value. This causes problems with sites with large SPF lists and slow resolvers (i.e., noaa.gov). General advice from the SPF RFC is to allow 20 seconds for SPF resolution. The correct call should be answers = dns.resolver.resolve(name, qtype, lifetime=timeout) Checked that this call works properly on the current dnspython version.
Committed. Thanks!
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=4fbf489f56e600cd2aea598be2dac18977611dc8 commit 4fbf489f56e600cd2aea598be2dac18977611dc8 Author: Doug White <dwhite-freebsd-bugs@gumbysoft.com> AuthorDate: 2024-11-21 13:34:26 +0000 Commit: Po-Chuan Hsieh <sunpoet@FreeBSD.org> CommitDate: 2024-11-21 13:39:54 +0000 mail/py-pyspf: Add lifetime argument back - Fix 2920ddff74980fdebe12c0ff4d48b067c2e5ebe9 - Bump PORTREVISION for package change PR: 282388 mail/py-pyspf/Makefile | 2 +- mail/py-pyspf/files/patch-spf.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)