This was filed on Launchpad against my SPF policy server, but I think it's rather a pyspf issue.
Bug description:
We're seeing the following from one domain:
Traceback (most recent call last):
File "/usr/lib/python-exec/python3.4/policyd-spf", line 700, in <module>
instance_dict, configData, peruser)
File "/usr/lib/python-exec/python3.4/policyd-spf", line 524, in _spfcheck
res = spf.check2(ip, sender, helo, querytime=configData.get('Lookup_Time'))
File "/usr/lib64/python3.4/site-packages/spf.py", line 297, in check2
receiver=receiver,timeout=timeout,verbose=verbose,querytime=querytime).check()
File "/usr/lib64/python3.4/site-packages/spf.py", line 547, in check
rc = self.check1(spf, self.d, 0)
File "/usr/lib64/python3.4/site-packages/spf.py", line 586, in check1
return self.check0(spf, recursion)
File "/usr/lib64/python3.4/site-packages/spf.py", line 906, in check0
if self.cidrmatch([arg], cidrlength): break
File "/usr/lib64/python3.4/site-packages/spf.py", line 1348, in cidrmatch
for netwrk in [ipaddress.ip_network(ip) for ip in ipaddrs]:
File "/usr/lib64/python3.4/site-packages/spf.py", line 1348, in <listcomp>
for netwrk in [ipaddress.ip_network(ip) for ip in ipaddrs]:
File "/usr/lib64/python3.4/ipaddress.py", line 84, in ip_network
address)
ValueError: '208.117.60.150\n' does not appear to be an IPv4 or IPv6 network
This comes from nfp.com, who have a busted SPF record:
$ dig +short nfp.com txt | grep spf "v=spf1 ip4:66.194.186.0/24 ip4:208.66.204.0/22 ip4:208.85.51.54 ip4:50.31.32.156 ip4:208.117.60.150\010 ip4:204.155.62.0/24 ip4:192.26.131.0/24 include:spf-000a5001.pphosted.com include:_netblocks.mimecast.com include:hr360spf.smtp.com include:include:as" "pmx.pardot.com include:FirmSPF2.nfp.com -all"
Notice the "ip4:208.117.60.150\010" with an escaped newline at the end
for god-knows-why.
For reference:
https://bugs.launchpad.net/pypolicyd-spf/+bug/1572994
Fixed here:
http://pymilter.cvs.sourceforge.net/viewvc/pymilter/pyspf/spf.py?view=patch&r1=1.108.2.150&r2=1.108.2.151&pathrev=pyspf-2_0-branch