As stated previously, the contents of my BOFH file is: opt BOFHBADMIME=accept opt BOFHSPFMAILFROM=pass,none,neutral,softfail,unknown opt BOFHSPFFROM=pass,none,neutral,softfail,unknown opt BOFHSPFTRUSTME=1
In the SPF admin UI, it looks like this: Remote Server ID: disabled Return Address: enabled (default options) Sender's Address: enabled (default options) Options: Disable SPF checking for clients with relay privs - checked Bounces: Softfail: checked Fail: checked And based on the headers seen below, the message passed both the 'MAIL FROM:' and 'From:' checks (the 'EHLO' check being disabled). Still, there is this failure report in the logs: Dec 29 19:25:10 colo courieresmtpd: error,relay=::ffff:64.4.240.67,from=<[EMAIL PROTECTED]>: 517 SPF fail [EMAIL PROTECTED]: Address does not pass the Sender Policy Framework What is odd about the message is that it seems like it's reporting the failure on the recipient email address (me, [EMAIL PROTECTED]). I didn't think any checking was done on the recipient address in the SPF system. -jason -- Jason L. Buberel - [EMAIL PROTECTED] - http://www.buberel.org JabberID:[EMAIL PROTECTED] - m:+16504831989 On Tue, January 4, 2005 2:15 pm, Bill Taroli said: > Weird... just as a passing observation... shouldn't the BOFH check have > caused the message to be rejected if it failed to pass the SPF checks? > > > Jason L. Buberel wrote: > >>Here is the header/envelope information on a message that also generated >>an SPF failure in my logs. Based on the Received-SPF headers, it looks >>like everything passed. Yet the log output corresponding to this message >>indicates otherwise (see below): >> >>Delivered-To: [EMAIL PROTECTED] >>Return-Path: <[EMAIL PROTECTED]> >>Received: from smtp-outbound.nix.paypal.com (smtp-outbound.nix.paypal.com >>[::ffff:64.4.240.67]) >> by buberel.org with esmtp; Wed, 29 Dec 2004 19:24:52 -0500 >> id 003F61D5.41D34ADB.000026C3 >>Received-SPF: pass (Address passes the Sender Policy Framework) >> SPF=MAILFROM; >> [EMAIL PROTECTED]; >> remoteip=::ffff:64.4.240.67; >> remotehost=smtp-outbound.nix.paypal.com; >> helo=smtp-outbound.nix.paypal.com; >> receiver=buberel.org; >>Received: from web29.nix.paypal.com (web29.nix.paypal.com [10.192.2.29]) >> by smtp-outbound.nix.paypal.com (Postfix) with SMTP id 6EC223CC0A0 >> for <[EMAIL PROTECTED]>; Wed, 29 Dec 2004 16:24:16 -0800 >> (PST) >>Received: (qmail 18597 invoked by uid 99); 30 Dec 2004 00:24:16 -0000 >>Date: Wed, 29 Dec 2004 16:24:16 -0800 >>Message-Id: <[EMAIL PROTECTED]> >>Mime-Version: 1.0 >>Content-Type: text/plain; charset=windows-1252 >>Content-Transfer-Encoding: 7bit >>From: [EMAIL PROTECTED] >>To: [EMAIL PROTECTED] >>Subject: Receipt for your Payment >>Received-SPF: pass (Address passes the Sender Policy Framework) >> SPF=FROM; >> [EMAIL PROTECTED]; >> remoteip=::ffff:64.4.240.67; >> remotehost=smtp-outbound.nix.paypal.com; >> helo=smtp-outbound.nix.paypal.com; >> receiver=buberel.org; >>X-Mime-Autoconverted: from 8bit to 7bit by courier 0.47 >> >> >>I see the following SPF failure in my /var/log/maillog, indicating that >>there was an SPF failure: >> >>Dec 29 19:24:52 colo courieresmtpd: started,ip=[::ffff:64.4.240.67] >>Dec 29 19:24:59 colo courierd: newmsg,id=003F61D5.41D34ADB.000026C3: dns; >>smtp-outbound.nix.paypal.com (smtp-outbound.nix.paypal.com >>[::ffff:64.4.240.67]) >>Dec 29 19:24:59 colo courierd: >>started,id=003F61D5.41D34ADB.000026C3,from=<[EMAIL >>PROTECTED]>,module=local,host=jason!!501!501!/usr/local/mail/jason!!,addr=<jason> >>Dec 29 19:24:59 colo courierd: Waiting. shutdown time=none, wakeup >>time=none, queuedelivering=1, inprogress=1 >>Dec 29 19:25:10 colo courieresmtpd: >>error,relay=::ffff:64.4.240.67,from=<[EMAIL PROTECTED]>: 517 SPF fail >>[EMAIL PROTECTED]: Address does not pass the Sender Policy >>Framework >>Dec 29 19:25:20 colo courierlocal: >>id=003F61D5.41D34ADB.000026C3,from=<[EMAIL PROTECTED] >>com>,addr=<[EMAIL PROTECTED]>,size=2538,success: Message >> delivered. >>Dec 29 19:25:20 colo courierd: completed,id=003F61D5.41D34ADB.000026C3 >>Dec 29 19:25:20 colo courierd: Waiting. shutdown time=Wed Dec 29 >> 20:13:57 >>2004, wakeup time=Wed Dec 29 20:13:57 2004, queuedelivering=0, >>inprogress=0 >> >> >>-jason >> >> >> > ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
