What's happening here?
I have a client who has a shopping cart supported by coolcart, a 3rd party
shopping cart service. The registered address for bounce correspondence to her
at coolcart is [EMAIL PROTECTED], a RoadRunner mail account. The address to
which customer orders from the coolcart system are to be sent is
[EMAIL PROTECTED] This email address, and the website that
supports the cart, are hosted on shakti.fmp.com which is running Courier as its
MTA. Orders sent to her by the coolcart system are bouncing with the following
DSN:
--- Session Transcript ---
MX-record resolution of [birdsjustwannahavefun.com] in progress (DNS
Server: 64.39.2.170)...
P=005 D=birdsjustwannahavefun.com TTL=(5) MX=[shakti.fmp.com]
{216.110.12.105} Attempting MX: P=005 D=birdsjustwannahavefun.com TTL=(5)
MX=[shakti.fmp.com] {216.110.12.105} Attempting SMTP connection to
[216.110.12.105 : 25] Waiting for socket connection...
Socket connection established
Waiting for protocol initiation...
220 shakti.fmp.com ESMTP
EHLO coolcart.com
250-shakti.fmp.com Ok.
250-AUTH LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256 250-AUTH=LOGIN CRAM-MD5
CRAM-SHA1 CRAM-SHA256 X-NETSCAPE-HAS-BUGS 250-STARTTLS
250-XCOURIEREXTENSIONS 250-XVERP=Courier 250-XEXDATA
250-XSECURITY=NONE,STARTTLS 250-PIPELINING 250-8BITMIME 250-SIZE 250 DSN
MAIL From:<[EMAIL PROTECTED]> SIZE=3764
517 SPF fail coolcart.com: Maximum of 20 nested SPF queries exceeded.
QUIT
--- End Transcript ---
Why are we getting "nested SPF queries"? It looks as if the failure is coming
from shakti.fmp.com, but why would the receiving server be doing recursive SPF
queries? I understand that the envelope sender address doesn't match a lookup
of the SPF records for coolcart, but why the recursive queries?
My bofh file looks like this:
opt BOFHBADMIME=accept
#opt BOFHSPFHARDERROR=fail
#opt BOFHSUPPRESSBACKSCATTER=none
opt BOFHSPFHELO=pass,none,neutral,softfail,unknown
opt BOFHSPFMAILFROM=pass,none,neutral,softfail,unknown
opt BOFHSPFFROM=pass,none,neutral,softfail,unknown,mailfromok
opt BOFHSPFHARDERROR=fail
opt BOFHSPFTRUSTME=1
Should I turn off SPF for the envelope sender address? Or should I leave it on
and indicate that a "fail" result is acceptable?
--
Lindsay Haisley | "Fighting against human | PGP public key
FMP Computer Services | creativity is like | available at
512-259-1190 | trying to eradicate | <http://pubkeys.fmp.com>
http://www.fmp.com | dandelions" |
| (Pamela Jones) |
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
