And can I somehow force ASSP to do SPF checks on the email adres in the From
header too? Because right now it seems to check only the sender address. Look:
Return-Path: <geoffrey.guadagna...@sudex.be>
X-Envelope-To: info@snip
Received: from localhost ([127.0.0.1])
by kms01.snip with ESMTP
for info@snip;
Wed, 20 Jul 2016 06:39:07 +0200
Received: from cpanel.ieck.be (localhost [127.0.0.1])
by mx101.snip (Postfix) with ESMTP id BE68FB1323
for <info@snip>; Wed, 20 Jul 2016 06:39:04 +0200 (CEST)
Received: from cpanel.ieck.be ([194.42.98.110] helo=cpanel.ieck.be) by
mx101.snip with SMTPS(TLSv1 DHE-RSA-AES128-SHA) (2.5.1); 20 Jul 2016
06:39:04 +0200
Received: from ip143.ip-176-31-66.eu ([176.31.66.143]:53940
helo=[192.168.110.3])
by cpanel.ieck.be with esmtpa (Exim 4.87)
(envelope-from <geoffrey.guadagna...@sudex.be>)
id 1bPjHj-0000pX-Ja
for info@snip; Wed, 20 Jul 2016 06:39:03 +0200
Reply-To: <profesionel2...@gmail.com>
From:"Mobistar" <salessupp...@orange.be>
To: "info" <info@snip>
Subject: votre abonnement ete refuse
Message-ID: <89ef346a20c2e749b314fdb5b6c697e3@TS01>
Date: Wed, 20 Jul 2016 06:41:30 +0200
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_NextPart_000_0001_C58C1F7C.844AAE4F"
X-Priority: 3
X-Mailer: Microsoft Office Outlook 12.0
X-AntiAbuse: This header was added to track abuse, please include it with any
abuse report
X-AntiAbuse: Primary Hostname - cpanel.ieck.be
X-AntiAbuse: Original Domain - snip
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - sudex.be
X-Get-Message-Sender-Via: cpanel.ieck.be: authenticated_id:
geoffrey.guadagna...@sudex.be
X-Authenticated-Sender: cpanel.ieck.be: geoffrey.guadagna...@sudex.be
X-Source:
X-Source-Args:
X-Source-Dir:
X-Assp-ID: mx101.snip m1-89544-11284
X-Assp-Session: 7F3475588B28 (mail 1)
X-Assp-Envelope-From: geoffrey.guadagna...@sudex.be
X-Assp-Intended-For: info@snip
X-Assp-Version: 2.5.1(16177) on mx101.snip
X-Assp-Client-TLS: yes
X-Assp-Message-Score: -10 (SSL-TLS-connection-OK)
X-Assp-IP-Score: -10 (SSL-TLS-connection-OK)
X-Assp-Delay: not delayed (auto accepted); 20 Jul 2016 06:39:04 +0200
X-Assp-Message-Score: 10 (Message-ID not valid:
'89ef346a20c2e749b314fdb5b6c697e3@TS01')
X-Assp-IP-Score: 10 (Message-ID not valid:
'89ef346a20c2e749b314fdb5b6c697e3@TS01')
X-Assp-Received-SPF: none (cache) ip=194.42.98.110
mailfrom=geoffrey.guadagna...@sudex.be
helo=cpanel.ieck.be
X-Original-Authentication-Results: mx101.snip; spf=none
X-Assp-Message-Score: 10 (Foreign IP-Country LU (2, RUE L?ON LAVAL))
X-Assp-Spam-Level: ***
SPF didn't fail because sudex.be has no SPF records but it was sent with a from
address @orange.be which forbids this IP address from sending email...
----- Original Message -----
From: Thomas Eckardt
[mailto:thomas.ecka...@thockar.com]
To: For Users of ASSP
[mailto:assp-user@lists.sourceforge.net]
Sent: Wed, 20 Jul 2016 08:00:42
+0100
Subject: Re: [Assp-user] SPF_temperror,_why?
> I got the same error for hotmail.com DKIM signatures.
>
> hotmail.com _domainkey selector 1 is :
>
>
> "v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWyktrIL8DO/+UGvMbv7cPd/Xogpbs7pgVw8y9ldO6AAMmg8+ij
> ENl/c7Fb1MfKM7uG3LMwAr0dVVKyM+mbkoX2k5L7lsROQr0Z9gGSpu7xrnZOa58+/pIhd2Xk/DFPpa5+TKbWodbsSZPRN8z0RY5x59jdzSclXlEyN9mEZdmO
> iKTsOP6A7vQxfSya9jg5"
>
> "N81dfNNvP7HnWejMMsKyIMrXptxOhIBuEYH67JDe98QgX14oHvGM2Uz53if/SW8MF09rYh9sp4ZsaWLIg6T343JzlbtrsGRGCDJ9JPpxRWZimtz
> +Up/BlKzT6sCCrBihb/Bi3pZiEBB4Ui/vruL5RCQIDAQAB;n=2048,1452627113,1468351913"
>
>
> For what ever reason, Mail::DKIM is unable to fetch() the public key.
> There is nothing you can do.
>
> Thomas
>
>
>
> Von: "Andy Knuts" <a...@knuts.be>
> An: "For Users of ASSP" <assp-user@lists.sourceforge.net>
> Datum: 20.07.2016 00:35
> Betreff: Re: [Assp-user] SPF_temperror,_why?
>
>
>
> It looks like there's a problem with DNS in general but it's not always a
> problem:
>
> # grep DKIM 16-07-19.maillog.txt|grep @hotmail|grep 'public key: not
> available'
>
> Jul-19-16 00:21:04 m1-80462-07675 [Worker_1] [TLS-in] 65.54.190.91
> <s...@hotmail.com> to: marleen...@seniorennet.be [scoring] (DKIM signature
> invalid) - public key: not available
> Jul-19-16 08:47:43 m1-10862-06664 [Worker_2] [TLS-in] 65.54.190.87
> <s...@hotmail.com> to: bigie...@mailgroepen.seniorennet.be [scoring] (DKIM
> signature invalid) - public key: not available
> Jul-19-16 08:59:43 m1-11582-08285 [Worker_1] [TLS-in] 65.55.34.215
> <s...@hotmail.com> to: redac...@sennetmagazine.be [scoring] (DKIM
> signature invalid) - public key: not available
> Jul-19-16 09:45:13 m1-14312-02896 [Worker_1] [TLS-in] 65.55.116.39
> <s...@hotmail.com> to: triviaq...@seniorennet.be [scoring] (DKIM signature
> invalid) - public key: not available
> Jul-19-16 12:39:49 m1-24788-06927 [Worker_2] [TLS-in] 65.54.51.96
> <s...@hotmail.com> to: webmas...@seniorennet.be [scoring] (DKIM signature
> invalid) - public key: not available
> Jul-19-16 15:58:58 m1-36736-07796 [Worker_5] [TLS-in] 65.54.190.90
> <s...@hotmail.com> to: 5ce2c51e4689...@mailgroepen.seniorennet.be
> [scoring] (DKIM signature invalid) - public key: not available
> Jul-19-16 17:16:33 m1-41391-04219 [Worker_1] [TLS-in] 65.55.34.80
> <s...@hotmail.com> to: 4a259f014c48...@mailgroepen.seniorennet.be
> [scoring] (DKIM signature invalid) - public key: not available
> Jul-19-16 19:47:03 m1-50422-00530 [Worker_1] [TLS-in] 65.54.190.35
> <s...@hotmail.com> to:ticket...@seniorennet.be [scoring] (DKIM signature
> invalid) - public key: not available
>
> The DNS servers also seem to work fine for every other services but as
> you can see, sometimes ASSP is unable to find the public key for
> hotmail.com ?
>
> I'm using Net::DNS 1.06. This version is okay, right?
>
> Regards
>
>
> ----- Original Message -----
> From: Andy Knuts [mailto:a...@knuts.be]
> To:
> For Users of ASSP [mailto:assp-user@lists.sourceforge.net]
> Sent: Wed, 20 Jul
> 2016 00:13:16 +0100
> Subject: Re: [Assp-user] SPF_temperror,_why?
>
>
> > I upgraded to Mail:SPF 2.9.0 as suggested but there's still an issue:
> >
> > # grep '(spfeValencePB) for SPF temperror' 16-07-19.maillog.txt | wc -l
> > 444
> >
> > # grep hotmail.com 16-07-19.maillog.txt |grep -i "for SPF pass" | wc -l
> > 258
> >
> >
> > # grep '(spfeValencePB) for SPF temperror' 16-07-19.maillog.txt |grep -i
> > hotmail
> > Jul-19-16 07:45:11 m1-07110-04028 [Worker_2] [TLS-in] 65.54.190.99
> > <s...@hotmail.com> to: j...@sygmanet.be Message-Score: added 5
> > (spfeValencePB) for SPF temperror, total score for this message is now 5
> > Jul-19-16 12:37:51 m1-24670-10746 [Worker_2] [TLS-in] 65.55.90.169
> > <s...@hotmail.com> to: wimo-5c258bea0eaf...@mailgroepen.seniorennet.be
> > Message-Score: added 5 (spfeValencePB) for SPF temperror, total score
> for
> > this message is now -6
> > Jul-19-16 12:39:49 m1-24788-06927 [Worker_2] [TLS-in] 65.54.51.96
> > <s...@hotmail.com> to: webmas...@seniorennet.be Message-Score: added 5
> > (spfeValencePB) for SPF temperror, total score for this message is now
> -6
> > Jul-19-16 12:51:11 m1-25471-04061 [Worker_2] [TLS-in] 157.55.1.140
> > <s...@hotmail.com> to: shop-ticket...@seniorennet.be Message-Score:
> added 5
> > (spfeValencePB) for SPF temperror, total score for this message is now
> 10
> > Jul-19-16 14:08:49 m1-30128-13259 [Worker_2] [TLS-in] 65.55.34.90
> > <s...@hotmail.com> to: supp...@seniorennet.be Message-Score: added 5
> > (spfeValencePB) for SPF temperror, total score for this message is now 7
> > Jul-19-16 17:15:12 m1-41310-11578 [Worker_1] [TLS-in] 65.55.90.39
> > <s...@hotmail.com> to:
> gerbera-10a49402d1b3...@mailgroepen.seniorennet.be
> > Message-Score: added 5 (spfeValencePB) for SPF temperror, total score
> for
> > this message is now -6
> > Jul-19-16 17:16:33 m1-41391-04219 [Worker_1] [TLS-in] 65.55.34.80
> > <s...@hotmail.com> to: sno-4a259f014c48...@mailgroepen.seniorennet.be
> > Message-Score: added 5 (spfeValencePB) for SPF temperror, total score
> for
> > this message is now -8
> > Jul-19-16 19:36:37 m1-49796-00753 [Worker_1] [TLS-in] 157.55.2.37
> > <s...@hotmail.be> to:
> laurent49-e55784b4d645...@mailgroepen.seniorennet.be
> > Message-Score: added 5 (spfeValencePB) for SPF temperror, total score
> for
> > this message is now -6
> > Jul-19-16 19:39:01 m1-49940-06640 [Worker_1] [TLS-in] 157.55.2.26
> > <s...@hotmail.com> to: supp...@sennetshop.be Message-Score: added 5
> > (spfeValencePB) for SPF temperror, total score for this message is now 9
> > Jul-19-16 20:15:13 m1-52113-02738 [Worker_2] [TLS-in] 157.55.1.160
> > <s...@hotmail.be> to: supp...@seniorennet.be Message-Score: added 5
> > (spfeValencePB) for SPF temperror, total score for this message is now
> -6
> > Jul-19-16 20:50:24 m1-54224-10937 [Worker_2] [TLS-in] 157.55.0.224
> > <s...@hotmail.com> to: kris...@knuts.be Message-Score: added 5
> > (spfeValencePB) for SPF temperror, total score for this message is now 8
> > Jul-19-16 23:44:38 m1-64678-08355 [Worker_1] [TLS-in] 157.55.0.233
> > <s...@hotmail.com> to:
> paulsenior-ab923b9ade4e...@mailgroepen.seniorennet.be
> > Message-Score: added 5 (spfeValencePB) for SPF temperror, total score
> for
> > this message is now 8
> >
> >
> >
> >
> >
> > ----- Original Message -----
> > From: Thomas Eckardt
> > [mailto:thomas.ecka...@thockar.com]
> > To: For Users of ASSP
> > [mailto:assp-user@lists.sourceforge.net]
> > Sent: Mon, 18 Jul 2016 20:08:54
> > +0100
> > Subject: Re: [Assp-user] SPF_temperror,_why?
> >
> >
> > > http://cpansearch.perl.org/src/JMEHNLE/Mail-SPF-v2.9.0/CHANGES
> > >
> > > Thomas
> > >
> > >
> > >
> > >
> > >
> > > Von: "Andy Knuts" <a...@knuts.be>
> > > An: "For Users of ASSP" <assp-user@lists.sourceforge.net>
> > > Datum: 18.07.2016 19:56
> > > Betreff: Re: [Assp-user] SPF_temperror,_why?
> > >
> > >
> > >
> > > I'm using 2.008 while ASSP says "2.007" is required.
> > > Should upgrading to 2.009 fix this issue?
> > >
> > >
> > > ----- Original Message -----
> > > From: Thomas Eckardt
> > > [mailto:thomas.ecka...@thockar.com]
> > > To: For Users of ASSP
> > > [mailto:assp-user@lists.sourceforge.net]
> > > Sent: Mon, 18 Jul 2016 19:49:45
> > > +0100
> > > Subject: Re: [Assp-user] SPF_temperror,_why?
> > >
> > >
> > > > >Jul-18-16 19:04:29 [Worker_1] Info: DNSResolverSend: caller:
> > > > Mail::SPF::Server, 564, hotmail.com SPF
> > > >
> > > >
> > >
> >
> ------------------------------------------------------------------------------------------
> > > > =item B<query_rr_types>
> > > >
> > > > For which RR types to query when looking up and selecting SPF
> records.
> > > The
> > > > following values are supported:
> > > >
> > > > =over
> > > >
> > > > =item B<< Mail::SPF::Server->query_rr_type_all >>
> > > >
> > > > Both C<TXT> and C<SPF> type RRs.
> > > >
> > > > =item B<< Mail::SPF::Server->query_rr_type_txt >> (default)
> > > >
> > > > C<TXT> type RRs only.
> > > >
> > > > =item B<< Mail::SPF::Server->query_rr_type_spf >>
> > > >
> > > > C<SPF> type RRs only.
> > > >
> > > > =back
> > > >
> > > > For years B<Mail::SPF> has defaulted to looking up both C<SPF> and
> > > C<TXT>
> > > > type
> > > > RRs as recommended by RFC 4408. Experience has shown, however, that
> a
> > > > significant portion of name servers suffer from serious brain damage
>
> > > with
> > > > regard to the handling of queries for RR types that are unknown to
> them,
> >
> > >
> > > > such
> > > > as the C<SPF> RR type. Consequently B<Mail::SPF> now defaults to
> > > looking
> > > > up
> > > > only C<TXT> type RRs. This may be overridden by setting the
> > > > B<query_rr_types>
> > > > option.
> > > >
> > > > See RFC 4408, 3.1.1, for a discussion of the topic, as well as the
> > > > description
> > > > of the L</select_record> method.
> > > >
> > >
> >
> ------------------------------------------------------------------------------------------
> > > >
> > > > Seems your Mail::SPF module is outdated - use 2.009
> > > >
> > > > ASSP uses the default.
> > > >
> > > > Thomas
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Von: "Andy Knuts" <a...@knuts.be>
> > > > An: "For Users of ASSP" <assp-user@lists.sourceforge.net>
> > > > Datum: 18.07.2016 19:27
> > > > Betreff: Re: [Assp-user] SPF_temperror,_why?
> > > >
> > > >
> > > >
> > > > I'm stil wondering what's wrong with my DNS servers and ASSP. I
> > > installed
> > > > pdns-recorsor on the same host where ASSP is running and I have
> > > installed
> > > > bind on a second VM.
> > > > I tested those name server and they work as expected but ASSP still
> has
> > > > troubles with some request. Not always, but A LOT.
> > > > In my maillog.txt I see a lot of these: hotmail.com: Unknown error
> on
> > > DNS
> > > > 'SPF' lookup of 'hotmail.com'
> > > >
> > > > Sometimes it has the SPF records for hotmail.com, but many times it
> > > > doesn't. If I do "host -t txt hotmail.com 127.0.0.1" it always
> works.
> > > Same
> > > > for "host -t txt hotmail.com 10.1.1.11".
> > > >
> > > > Here's an example in maillog.txt with SPFDebug enabled:
> > > >
> > > >
> > > > Jul-18-16 19:04:28 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> info: found message size announcement: 13.26
> kByte
> > > > Jul-18-16 19:04:28 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> Message-Score: added -10 (tlsValencePB) for
> > > > SSL-TLS-connection-OK, total score for this message is now -10
> > > > Jul-18-16 19:04:28 [Worker_1] Info: cleanup existing DNS sockets - 2
> > > > Jul-18-16 19:04:28 [Worker_1] Info: cleanedup old data from DNS
> sockets
> > > > for 10.1.1.11
> > > > Jul-18-16 19:04:28 [Worker_1] Cleanedup DNS-question:
> > > > 246.2.47.104.in-addr.arpa. IN PTR
> > > > Jul-18-16 19:04:28 [Worker_1] Cleanedup DNS-answer:
> > > > 246.2.47.104.in-addr.arpa. 3600 IN PTR (
> > > >
> > > > mail-db5eur01hn0246.outbound.protection.outlook.com. )
> > > > Jul-18-16 19:04:28 [Worker_1] Info: reuse DNS socket for 127.0.0.1 -
>
> > > > hotmail.com. IN ANY
> > > > Jul-18-16 19:04:28 [Worker_1] Info: sent DNS query for 'hotmail.com'
>
> > > type
> > > > 'ANY' to nameserver 127.0.0.1 ID 15404
> > > > Jul-18-16 19:04:28 [Worker_1] Info: reuse DNS socket for 10.1.1.11 -
>
> > > > hotmail.com. IN ANY
> > > > Jul-18-16 19:04:28 [Worker_1] Info: sent DNS query for 'hotmail.com'
>
> > > type
> > > > 'ANY' to nameserver 10.1.1.11 ID 20981
> > > > Jul-18-16 19:04:28 [Worker_1] Info: DNS query time 0.000 - 127.0.0.1
> > > > Jul-18-16 19:04:28 [Worker_1] Info: got DNS DATA answer from
> nameserver
> > > > 127.0.0.1
> > > > Jul-18-16 19:04:28 [Worker_1] DNS-question was: hotmail.com. IN ANY
> > > > Jul-18-16 19:04:28 [Worker_1] DNS-answer is: hotmail.com. 132 IN SOA
> (
> >
> > >
> > > > ns1.msft.net. msnhst.microsoft.com.
> > > > 2016070805 ;serial
> > > > 7200 ;refresh
> > > > 900 ;retry
> > > > 2419200 ;expire
> > > > 3600 ;minimum
> > > > )
> > > > Jul-18-16 19:04:28 [Worker_1] DNS-answer is: hotmail.com. 76269 IN
> NS
> > > > ns1.msft.net.
> > > > Jul-18-16 19:04:28 [Worker_1] DNS-answer is: hotmail.com. 76269 IN
> NS
> > > > ns3.msft.net.
> > > > Jul-18-16 19:04:28 [Worker_1] DNS-answer is: hotmail.com. 76269 IN
> NS
> > > > ns4.msft.net.
> > > > Jul-18-16 19:04:28 [Worker_1] DNS-answer is: hotmail.com. 76269 IN
> NS
> > > > ns2.msft.net.
> > > > Jul-18-16 19:04:28 [Worker_1] Info: got valid DNS DATA answer from
> > > > nameserver 127.0.0.1 ID 15404
> > > > Jul-18-16 19:04:28 [Worker_2] Connected: session:7F434211AA68
> > > > x.x.x.139:56018 > x.x.x.234:25 > 127.0.0.1:125
> > > > Jul-18-16 19:04:28 m1-61468-09511 [Worker_2] [isbounce] x.x.x.139
> bounce
> >
> > >
> > > > message detected
> > > > Jul-18-16 19:04:28 m1-61468-09511 [Worker_2] x.x.x.139 info: the
> > > > connection will now be moved in to the Full-Transparent-Proxy mode
> > > > Jul-18-16 19:04:28 m1-61468-09511 [Worker_2] x.x.x.139 info: no
> (more)
> > > > data readable from x.x.x.139 (connection closed by peer) -
> Connection
> > > > reset by peer - last command was 'RCPT TO'
> > > > Jul-18-16 19:04:28 [Worker_2] Disconnected: session:7F434211AA68
> > > x.x.x.139
> > > > - processing time 0 seconds
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip Message-Score: added -2 for
> > > 65.54.190.0
> > > > in griplist (0.18), total score for this message is now -12
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] [DKIM]
> > > 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip [scoring] DKIM domain mismatch -
> > > > hotmail.com found in DKIMCache, but no DKIM-Signature found in mail
> > > header
> > > > (Cache)
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip Message-Score: added 15
> > > (dkimValencePB)
> > > > for DKIM domain mismatch - hotmail.com found in DKIMCache, but no
> > > > DKIM-Signature found in mail header, total score for this message is
> now
> >
> > > 3
> > > > Jul-18-16 19:04:29 [Worker_1] Info: cleanup existing DNS sockets - 2
> > > > Jul-18-16 19:04:29 [Worker_1] Info: cleanedup old data from DNS
> sockets
> > > > for 10.1.1.11
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-question: hotmail.com.
> IN
> > > > ANY
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer: hotmail.com.
> 1596
> > > IN
> > > > MX 5 mx1.hotmail.com.
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer: hotmail.com.
> 3019
> > > IN
> > > > A 65.55.77.28
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer: hotmail.com.
> 86728
> > > > IN NS ns4.msft.net.
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer: hotmail.com.
> 86728
> > > > IN NS ns3.msft.net.
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer: hotmail.com.
> 1596
> > > IN
> > > > MX 5 mx4.hotmail.com.
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer: hotmail.com.
> 3019
> > > IN
> > > > A 65.55.85.12
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer: hotmail.com.
> 86728
> > > > IN NS ns1.msft.net.
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer: hotmail.com. 425
> IN
> >
> > >
> > > > TXT (
> > > > "v=spf1 include:spf-a.outlook.com
> > > > include:spf-b.outlook.com ip4:157.55.9.128/25
> > > > include:spf.protection.outlook.com include:spf-a.hotmail.com
> > > > include:_spf-ssg-b.microsoft.com include:_spf-ssg-c.microsoft.com
> ~all"
> > > > )
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer: hotmail.com.
> 1596
> > > IN
> > > > MX 5 mx3.hotmail.com.
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer: hotmail.com.
> 3019
> > > IN
> > > > A 157.55.152.112
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer: hotmail.com.
> 86728
> > > > IN NS ns2.msft.net.
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer: hotmail.com.
> 3019
> > > IN
> > > > A 157.56.172.28
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer: hotmail.com.
> 1596
> > > IN
> > > > MX 5 mx2.hotmail.com.
> > > > Jul-18-16 19:04:29 [Worker_1] Info: reuse DNS socket for 127.0.0.1 -
>
> > > > _dmarc.hotmail.com. IN TXT
> > > > Jul-18-16 19:04:29 [Worker_1] Info: sent DNS query for
> > > > '_dmarc.hotmail.com' type 'TXT' to nameserver 127.0.0.1 ID 21607
> > > > Jul-18-16 19:04:29 [Worker_1] Info: reuse DNS socket for 10.1.1.11 -
>
> > > > _dmarc.hotmail.com. IN TXT
> > > > Jul-18-16 19:04:29 [Worker_1] Info: sent DNS query for
> > > > '_dmarc.hotmail.com' type 'TXT' to nameserver 10.1.1.11 ID 52169
> > > > Jul-18-16 19:04:29 [Worker_1] Info: DNS query time 0.000 - 127.0.0.1
> > > > Jul-18-16 19:04:29 [Worker_1] Info: got DNS DATA answer from
> nameserver
> > > > 127.0.0.1
> > > > Jul-18-16 19:04:29 [Worker_1] DNS-question was: _dmarc.hotmail.com.
> IN
> > > > TXT
> > > > Jul-18-16 19:04:29 [Worker_1] DNS-answer is: _dmarc.hotmail.com.
> 2125
> > > IN
> > > > TXT (
> > > > "v=DMARC1; p=none; pct=100;
> > > > rua=mailto:d...@rua.agari.com; ruf=mailto:d...@ruf.agari.com; fo=1"
> > > > )
> > > > Jul-18-16 19:04:29 [Worker_1] Info: got valid DNS DATA answer from
> > > > nameserver 127.0.0.1 ID 21607
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] [DKIM]
> > > 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip info: domain hotmail.com has
> published
> >
> > > a
> > > > DMARC record
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip strictspf Regex: strictSPFRe
> > > > '@hotmail.com'
> > > > Jul-18-16 19:04:29 [Worker_1] Info: reuse DNSresolver
> > > > Jul-18-16 19:04:29 [Worker_1] SPF: SPFoverride for domain
> hotmail.com -
> > > > Jul-18-16 19:04:29 [Worker_1] Info: DNSResolverSend: caller:
> > > > Mail::SPF::Server, 564, hotmail.com SPF
> > > > Jul-18-16 19:04:29 [Worker_1] Info: DNSResolverSend: caller:
> > > > Mail::SPF::Server, 564, hotmail.com TXT
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip [scoring] spf_result:temperror
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip identity:st...@hotmail.com
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip scope:mfrom
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip spf_record:
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip local_exp:hotmail.com: Unknown
> error
> > > on
> > > > DNS 'SPF' lookup of 'hotmail.com'
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip received_spf:Received-SPF:
> temperror
> > > > (hotmail.com: Unknown error on DNS 'SPF' lookup of 'hotmail.com')
> > > > receiver=mx101.snip; identity=mailfrom;
> > > envelope-from="st...@hotmail.com";
> > > > helo=BAY004-OMC2S14.hotmail.com; client-ip=65.54.190.89
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip [scoring] SPF: temperror
> > > ip=65.54.190.89
> > > > mailfrom=st...@hotmail.com helo=BAY004-OMC2S14.hotmail.com
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip Message-Score: added 5
> (spfeValencePB)
> >
> > >
> > > > for SPF temperror, total score for this message is now 8
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] 65.54.190.89
> > > > <st...@hotmail.com> to: JMRP@snip DMARC: this mail breakes the DKIM
> > > > policies defined in the DMARC record for domain hotmail.com - there
> is
> > > no
> > > > DKIM-signature found in this mail for domain hotmail.com
> > > > Jul-18-16 19:04:29 [Worker_1] Info: cleanup existing DNS sockets - 2
> > > > Jul-18-16 19:04:29 [Worker_1] Info: cleanedup old data from DNS
> sockets
> > > > for 10.1.1.11
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-question:
> > > _dmarc.hotmail.com.
> > > > IN TXT
> > > > Jul-18-16 19:04:29 [Worker_1] Cleanedup DNS-answer:
> _dmarc.hotmail.com.
> > > > 2125 IN TXT (
> > > > "v=DMARC1; p=none; pct=100;
> > > > rua=mailto:d...@rua.agari.com; ruf=mailto:d...@ruf.agari.com; fo=1"
> > > > )
> > > > Jul-18-16 19:04:29 [Worker_1] Info: reuse DNS socket for 127.0.0.1 -
>
> > > > 89.190.54.65.sa.senderbase.org. IN TXT
> > > > Jul-18-16 19:04:29 [Worker_1] Info: sent DNS query for
> > > > '89.190.54.65.sa.senderbase.org' type 'TXT' to nameserver 127.0.0.1
> ID
> > > > 54935
> > > > Jul-18-16 19:04:29 [Worker_1] Info: reuse DNS socket for 10.1.1.11 -
>
> > > > 89.190.54.65.sa.senderbase.org. IN TXT
> > > > Jul-18-16 19:04:29 [Worker_1] Info: sent DNS query for
> > > > '89.190.54.65.sa.senderbase.org' type 'TXT' to nameserver 10.1.1.11
> ID
> > > > 43820
> > > > Jul-18-16 19:04:29 [Worker_1] Info: DNS query time 0.000 - 127.0.0.1
> > > > Jul-18-16 19:04:29 [Worker_1] Info: got DNS DATA answer from
> nameserver
> > > > 127.0.0.1
> > > > Jul-18-16 19:04:29 [Worker_1] DNS-question was:
> > > > 89.190.54.65.sa.senderbase.org. IN TXT
> > > > Jul-18-16 19:04:29 [Worker_1] DNS-answer is:
> > > > 89.190.54.65.sa.senderbase.org. 19937 IN TXT (
> > > >
> > > > "0-0=1|1=MICROSOFT
> > > >
> > >
> >
> HOSTING|2=7.9|3=7.9|6=0|7=10|8=172544|9=7030|20=bay004-omc2s14.hotmail.com|21=msn.net|22=Y|23=7.1|24=7.2|25=0|40=5.0|41=5.1|43=5.3|44=3.9|45=N|46=19|48=24|50=San
> > > >
> > > > Jose|51=CA|52=95141|53=US|54=-121.895|55=37.3394"
> > > > )
> > > > Jul-18-16 19:04:29 [Worker_1] Info: got valid DNS DATA answer from
> > > > nameserver 127.0.0.1 ID 54935
> > > > Jul-18-16 19:04:29 [Worker_2] Connected: session:7F4341FFBE08
> > > > 85.158.211.232:34678 > x.x.x.234:25 > 127.0.0.1:125
> > > > Jul-18-16 19:04:29 m1-61468-07595 [Worker_1] [TLS-in] [MessageOK]
> > > > 65.54.190.89 <st...@hotmail.com> to: JMRP@snip message ok [complaint
>
> > > about
> > > > message from 10 164 74 35]
> > > >
> > > >
> > > > any idea's?
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: Thomas Eckardt
> > > > [mailto:thomas.ecka...@thockar.com]
> > > > To: For Users of ASSP
> > > > [mailto:assp-user@lists.sourceforge.net]
> > > > Sent: Mon, 18 Jul 2016 12:52:29
> > > > +0100
> > > > Subject: Re: [Assp-user] SPF_temperror,_why?
> > > >
> > > >
> > > > > >But why is this a temperror?
> > > > >
> > > > > assp was unable to get a qualified result for the query using
> > > Mail::SPF
> > > > -
> > > > > that's all
> > > > > most times this is caused by a DNS timeout
> > > > >
> > > > > Thomas
> > > > >
> > > > >
> > > > > Von: "Andy Knuts" <a...@knuts.be>
> > > > > An: assp-user@lists.sourceforge.net
> > > > > Datum: 18.07.2016 11:53
> > > > > Betreff: [Assp-user] SPF_temperror,_why?
> > > > >
> > > > >
> > > > >
> > > > > Many of the emails that passed ASSP have headers like this:
> > > > >
> > > > > X-Assp-Received-SPF: temperror ip=217.148.21.174
> > > > > mailfrom=rkvc...@stratics.addemar.com helo=vmta12.addemar.com
> > > > >
> > > > > But why is this a temperror?
> > > > >
> > > > >
> > > > > If I use 'spfquery' command line I get:
> > > > >
> > > > > # spfquery --mail-from rkvc...@stratics.addemar.com -i
> 217.148.21.174
> > > -h
> > > >
> > > > > vmta12.addemar.com
> > > > > pass
> > > > > Please see
> > > > >
> > > >
> > >
> >
> http://www.openspf.org/why.html?sender=rkvcomm%40stratics.addemar.com&ip=217.148.21.174&receiver=spfquery:
>
> > >
> > > >
> > > > >
> > > > > 217.148.21.128/25 contains 217.148.21.174
> > > > > spfquery: domain of rkvc...@stratics.addemar.com designates
> > > > 217.148.21.174
> > > > > as permitted sender
> > > > > Received-SPF: pass (spfquery: domain of
> rkvc...@stratics.addemar.com
> > > > > designates 217.148.21.174 as permitted sender)
> > > client-ip=217.148.21.174;
> > > >
> > > > > envelope-from=rkvc...@stratics.addemar.com;
> helo=vmta12.addemar.com;
> > > > >
> > > > >
> > > >
> > >
> >
> ------------------------------------------------------------------------------
> > > > > What NetFlow Analyzer can do for you? Monitors network bandwidth
> and
> > > > > traffic
> > > > > patterns at an interface-level. Reveals which users, apps, and
> > > protocols
> > > >
> > > > > are
> > > > > consuming the most bandwidth. Provides multi-vendor support for
> > > NetFlow,
> > > >
> > > > > J-Flow, sFlow and other flows. Make informed decisions using
> capacity
> > > > > planning
> > > > > reports.http://sdm.link/zohodev2dev
> > > > > _______________________________________________
> > > > > Assp-user mailing list
> > > > > Assp-user@lists.sourceforge.net
> > > > > https://lists.sourceforge.net/lists/listinfo/assp-user
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > DISCLAIMER:
> > > > > *******************************************************
> > > > > This email and any files transmitted with it may be confidential,
> > > > legally
> > > > > privileged and protected in law and are intended solely for the
> use of
> >
> > >
> > > > the
> > > > >
> > > > > individual to whom it is addressed.
> > > > > This email was multiple times scanned for viruses. There should be
> no
> > > > > known virus in this email!
> > > > > *******************************************************
> > > > >
> > > > >
> > > >
> > > >
> > >
> >
> ------------------------------------------------------------------------------
> > > > What NetFlow Analyzer can do for you? Monitors network bandwidth and
>
> > > > traffic
> > > > patterns at an interface-level. Reveals which users, apps, and
> protocols
> >
> > >
> > > > are
> > > > consuming the most bandwidth. Provides multi-vendor support for
> NetFlow,
> >
> > >
> > > > J-Flow, sFlow and other flows. Make informed decisions using
> capacity
> > > > planning
> > > > reports.http://sdm.link/zohodev2dev
> > > > _______________________________________________
> > > > Assp-user mailing list
> > > > Assp-user@lists.sourceforge.net
> > > > https://lists.sourceforge.net/lists/listinfo/assp-user
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > DISCLAIMER:
> > > > *******************************************************
> > > > This email and any files transmitted with it may be confidential,
> > > legally
> > > > privileged and protected in law and are intended solely for the use
> of
> > > the
> > > >
> > > > individual to whom it is addressed.
> > > > This email was multiple times scanned for viruses. There should be
> no
> > > > known virus in this email!
> > > > *******************************************************
> > > >
> > > >
> > >
> > >
> >
> ------------------------------------------------------------------------------
> > > What NetFlow Analyzer can do for you? Monitors network bandwidth and
> > > traffic
> > > patterns at an interface-level. Reveals which users, apps, and
> protocols
> > > are
> > > consuming the most bandwidth. Provides multi-vendor support for
> NetFlow,
> > > J-Flow, sFlow and other flows. Make informed decisions using capacity
> > > planning
> > > reports.http://sdm.link/zohodev2dev
> > > _______________________________________________
> > > Assp-user mailing list
> > > Assp-user@lists.sourceforge.net
> > > https://lists.sourceforge.net/lists/listinfo/assp-user
> > >
> > >
> > >
> > >
> > >
> > >
> > > DISCLAIMER:
> > > *******************************************************
> > > This email and any files transmitted with it may be confidential,
> legally
> > > privileged and protected in law and are intended solely for the use of
> the
> >
> > >
> > > individual to whom it is addressed.
> > > This email was multiple times scanned for viruses. There should be no
> > > known virus in this email!
> > > *******************************************************
> > >
> > >
> >
> >
> ------------------------------------------------------------------------------
> > What NetFlow Analyzer can do for you? Monitors network bandwidth and
> traffic
> > patterns at an interface-level. Reveals which users, apps, and protocols
> are
> >
> > consuming the most bandwidth. Provides multi-vendor support for NetFlow,
>
> > J-Flow, sFlow and other flows. Make informed decisions using capacity
> > planning
> > reports.http://sdm.link/zohodev2dev
> > _______________________________________________
> > Assp-user mailing list
> > Assp-user@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/assp-user
> >
>
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and
> traffic
> patterns at an interface-level. Reveals which users, apps, and protocols
> are
> consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> J-Flow, sFlow and other flows. Make informed decisions using capacity
> planning
> reports.http://sdm.link/zohodev2dev
> _______________________________________________
> Assp-user mailing list
> Assp-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/assp-user
>
>
>
>
>
>
> DISCLAIMER:
> *******************************************************
> This email and any files transmitted with it may be confidential, legally
> privileged and protected in law and are intended solely for the use of the
>
> individual to whom it is addressed.
> This email was multiple times scanned for viruses. There should be no
> known virus in this email!
> *******************************************************
>
>
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports.http://sdm.link/zohodev2dev
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
