Sorry for the interruption, I have another few moments to continue now. A good test regarding whether you have courier set properly to allow SPF enabled senders to relay to you through lists is whether you are able to receive my message, this message, through the list. This is because I know my name server to be fully SPF enabled, and I know this list to be set up in a manner consistent with SPF.
If this message is rejected by your Courier implementation, you will not know it unless someone else on the list who does not have SPF enabling entries on his name server relays this message. There's always a catch. The issue is usually that the list operator wishes to have messages attributed to the original sender so that responses can be directed off of the list, but the original sender has SPF enabled at his name server. Thus, the message comes to you ostensibly from the sender, but the IP address that the message is received from is that of the list relay. Thus it appears to the Courier SPF-checking mechanism that the sender has been "aliased" by a spammer. Usually, the result is that the list mechanism senses that your server rejects messages from the list -- "bounces" them as it were -- so the list automatically stops sending any messages to you. Some list software will send you a message to that effect, which, of course, will be accepted by Courier. But the list software does not interpret that as an indication that "your" bounces do not show that your server is operating correctly. Curious. I've had to explain all of this to two list admins now. Both of them finally discovered that they could adjust their list software to be SPF-consistent without changing the features of their list. Because this involved different list software in each case, I did not collect any descriptions of the list settings required. ----- Original Message ----- From: "Leigh S. Jones, KR6X" <[EMAIL PROTECTED]> To: "courier-users" <[email protected]> Sent: Wednesday, March 19, 2008 5:46 AM Subject: Re: [courier-users] Is my SPF setting incorrect? > Mailing lists and SPF can conflict. It's all in the settings that the > mailing list admin > uses to forward messages. It may depend on whether the sender of the > message > being forwarded by the list has SPF enabled. If your SPF settings are > 100% > correct, and you have SPF enabled, it can still be fouled up by the > forwarding > settings used by the list admin. List admins often are not SPF aware, and > will > deny that it is their problem when things work wrong. > > Sorry, I'm out of time to finish this... > > ----- Original Message ----- > From: "Arturo 'Buanzo' Busleiman" <[EMAIL PROTECTED]> > To: "courier-users" <[email protected]> > Sent: Wednesday, March 19, 2008 5:14 AM > Subject: [courier-users] Is my SPF setting incorrect? > > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA512 >> >> Hi, I'm subscribed to many mailing lists, but I've been getting lots of >> SPF 517s, such as this: >> >> /var/log/mail/log-2008-03-18-16:03:46:Mar 18 11:22:10 [courieresmtpd] >> error,relay=209.132.176.174,from=<[EMAIL PROTECTED]>: >> 517 SPF >> softfail [EMAIL PROTECTED]: Address does not pass the Sender Policy >> Framework >> /var/log/mail/log-2008-03-18-17:03:27:Mar 18 12:58:39 [courieresmtpd] >> error,relay=209.132.176.174,from=<[EMAIL PROTECTED]>: >> 517 SPF >> softfail [EMAIL PROTECTED]: Address does not pass the Sender Policy >> Framework >> /var/log/mail/log-2008-03-18-18:03:24:Mar 18 13:41:41 [courieresmtpd] >> error,relay=209.132.176.174,from=<[EMAIL PROTECTED]>: >> 517 SPF >> fail [EMAIL PROTECTED]: Address does not pass the Sender Policy Framework >> /var/log/mail/log-2008-03-19-04:03:16:Mar 18 23:44:04 [courieresmtpd] >> error,relay=209.132.176.174,from=<[EMAIL PROTECTED]>: >> 517 SPF >> softfail [EMAIL PROTECTED]: Address does not pass the Sender Policy Framework >> /var/log/mail/log-2008-03-19-07:03:19:Mar 19 02:51:07 [courieresmtpd] >> error,relay=209.132.176.174,from=<[EMAIL PROTECTED]>: >> 517 SPF >> softfail [EMAIL PROTECTED]: Address does not pass the Sender Policy >> Framework >> >> >> That's from the GNU C Compiler's official mailing list. >> >> Here is my /etc/courier/bofh file: >> >> opt BOFHSPFHELO=pass,unknown,error,none,neutral >> opt BOFHSPFMAILFROM=pass,unknown,error,none,neutral >> opt BOFHSPFFROM=pass,unknown,error,none,neutral,mailfromok >> opt BOFHSPFTRUSTME=1 >> opt BOFHBADMIME=accept >> >> Is there anything wrong there? What can I do? As I bounce a lot, mailing >> lists are disabling me all >> the time. >> >> Any ideas? >> >> - -- >> Arturo "Buanzo" Busleiman >> Reliable inter-continental Mail Relay Service - Ask me! >> Independent Security Consultant - SANS - OISSG >> http://www.buanzo.com.ar/pro/ >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.6 (GNU/Linux) >> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org >> >> iD8DBQFH4QO0AlpOsGhXcE0RCjQMAJ4ypNYgugwymdtMZ+GUmgRjk8FZagCfTZxI >> ntKIzMM71UHcQlgB8LtRJrg= >> =Ytp5 >> -----END PGP SIGNATURE----- >> >> ------------------------------------------------------------------------- >> This SF.net email is sponsored by: Microsoft >> Defy all challenges. Microsoft(R) Visual Studio 2008. >> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ >> _______________________________________________ >> courier-users mailing list >> [email protected] >> Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users >> > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio 2008. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > _______________________________________________ > courier-users mailing list > [email protected] > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users > ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
