Problems with SPF and PMG version 8

[pasdif]

Hello,

I have had pmg version 8 installed for a couple of days now.

Some messages are rejected because the SPF check is not done correctly.

The domain is bancsabadell.com of a major Spanish bank and this is the SPF record

v=spf1 exists:%{i}._i.%{d}._d.espf.dmp.cisco.com include:%{d}.8e.spf-protect.dmp.cisco.com -all

I therefore did the console test

On PMG ver 8

root@mx-pmg-8:~# spfquery -s mail@bancsabadell.com --ip-address 207.54.65.48
fail
Rejected by SPF record
bancsabadell.com: Sender is not authorized by default to use 'mail@bancsabadell.com' in 'mfrom' identity (mechanism '-all' matched)
Received-SPF: fail (bancsabadell.com: Sender is not authorized by default to use 'mail@bancsabadell.com' in 'mfrom' identity (mechanism '-all' matched)) receiver=mx.bclabnet.com; identity=mailfrom; envelope-from="mail@bancsap=207.54.65.48

whereas on version 7.3.7 everything works correctly

root@mx-pmg-7:~# spfquery -s mail@bancsabadell.com --ip-address 207.54.65.48
pass
bancsabadell.com: Sender is authorized to use 'mail@bancsabadell.com' in 'mfrom' identity (mechanism 'exists:%{i}._i.%{d}._d.espf.dmp.cisco.com' matched)
bancsabadell.com: Sender is authorized to use 'mail@bancsabadell.com' in 'mfrom' identity (mechanism 'exists:%{i}._i.%{d}._d.espf.dmp.cisco.com' matched)
Received-SPF: pass (bancsabadell.com: Sender is authorized to use 'mail@bancsabadell.com' in 'mfrom' identity (mechanism 'exists:%{i}._i.%{d}._d.espf.dmp.cisco.com' matched)) receiver=mx.bclabnet.com; identity=mailfrom; envelope-from="mail@bancsabadell.com"; client-ip=207.54.65.48

This is really a big problem. Mainly because they are CISCO servers that are not recognised as valid .

Thank you in advance for any help.

 

[pasdif]

Sorry to have disturbed you. I found the problem. it is the pfsense dns that gives incorrect response when a dns returns local ip addresses like 127.0.0.2