From 30c79faff28adfd74756d072fb05585bb5e36fd4 Mon Sep 17 00:00:00 2001
From: Mechiel Lukkien
Date: Fri, 3 Mar 2023 11:45:19 +0100
Subject: [PATCH] fix problem with spf where we would generate errors about too many void lookups the problem was that we only looked up either the ipv4 or ipv6 address when evaluating spf directives, depending on the incoming smtp connection. for example, for spf directive "a", we would lookup the requested domain. if that domain has an ipv4 address but no ipv6 address, and the incoming connection is ipv6, we would count a void lookup. but we shouldn't: there is a record for that name, it just doesn't match the address (family).
---
 spf/spf.go | 18 +++---------------
 1 file changed, 3 insertions(+), 15 deletions(-)
diff --git a/spf/spf.go b/spf/spf.go
index 40c25e8..aa09864 100644
--- a/spf/spf.go
+++ b/spf/spf.go
@@ -338,11 +338,7 @@ func evaluate(ctx context.Context, record *Record, resolver dns.Resolver, args A
 
 // Used for "a" and "mx".
 checkHostIP := func(domain dns.Domain, d Directive, args *Args) (bool, Status, error) {
- network := "ip4"
- if remote6 != nil {
- network = "ip6"
- }
- ips, err := resolver.LookupIP(ctx, network, domain.ASCII+".")
+ ips, err := resolver.LookupIP(ctx, "ip", domain.ASCII+".")
 trackVoidLookup(err, args)
 // If "not found", we must ignore the error and treat as zero records in answer. ../rfc/7208:1116
 if err != nil && !dns.IsNotFound(err) {
@@ -478,11 +474,7 @@ func evaluate(ctx context.Context, record *Record, resolver dns.Resolver, args A
 break
 }
 lookups++
- network := "ip4"
- if remote6 != nil {
- network = "ip6"
- }
- ips, err := resolver.LookupIP(ctx, network, rd.ASCII+".")
+ ips, err := resolver.LookupIP(ctx, "ip", rd.ASCII+".")
 trackVoidLookup(err, &args)
 for _, ip := range ips {
 if checkIP(ip, d) {
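Review bot: The switch to `"ip"` at the `checkHostIP` lookup changes what the `err != nil && !dns.IsNotFound(err)` check just below can see, and nothing in the hunk documents or tests that. Whether a failure in one address family (for example a server failure on AAAA while A answers) still surfaces as an error is now up to `resolver.LookupIP`, which is not visible here; if it returns the partial result with a nil error, an IPv6 sender would get a non-match where a temperror was returned before. I would add a comment above the call, e.g. `// Query both A and AAAA: a name with records only in the other family must not count as a void lookup.`, and a regression test, since the diffstat shows only spf/spf.go changed. The same applies to the lookups in the hunks at new lines 474 and 661. The closure body continues past the hunk.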
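Review bot: After the changed lookup on `rd.ASCII+"."`, `err` is only passed to `trackVoidLookup` and the code goes straight on to `for _, ip := range ips`, with no comment saying that other errors are meant to be skipped. The `checkHostIP` call site returns on any error that is not "not found", and the `expandDomainSpec` site carries an RFC reference for ignoring them, so this one reads as an oversight even if it is intentional. If skipping the name is the intent, say so above the loop: `// Lookup errors are ignored on purpose: the name is skipped and the search continues.` The enclosing loop starts and ends outside the hunk.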
@@ -669,11 +661,7 @@ func expandDomainSpec(ctx context.Context, resolver dns.Resolver, domainSpec str
 if !matchfn(name) {
 continue
 }
- network := "ip4"
- if args.RemoteIP.To4() == nil {
- network = "ip6"
- }
- ips, err := resolver.LookupIP(ctx, network, name)
+ ips, err := resolver.LookupIP(ctx, "ip", name)
 trackVoidLookup(err, &args)
 // ../rfc/7208:1714, we don't have to check other errors.
 for _, ip := range ips {
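Review bot: `name` is passed to `resolver.LookupIP` as-is, while the two call sites in `evaluate` append `"."` to make the queried name absolute. Where `name` comes from is outside the hunk; if it can ever lack a trailing dot, the resolver may apply search-domain handling and query a different name than the one being verified. If it is always absolute, a comment would settle it: `// name is already fully qualified (trailing dot), so no "." is appended.` The enclosing loop starts and ends outside the hunk.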