Mark Constable writes:
On Mon, 18 Aug 2008 09:01:28 pm Sam Varshavchik wrote: > Because it's the From: address that fails it: > jakeman.com.au. 3568 IN TXT "v=spf1 a ~all" > jakeman.com.au. 3550 IN A 203.129.33.155I'm now confused with a related issue where there is an alias at the above domains mailserver that forwards back to us but we reject it with a 517. I thought using mailfromok would fix situations like this (mailing list redirects etc). # dig +short txt jakeman.com.au. "v=spf1 ip4:203.17.154.25 mx ~all" # grep SPF /etc/courier/bofh opt BOFHSPFHELO=pass,unknown,error,none,neutral opt BOFHSPFMAILFROM=pass,unknown,error,none,neutral opt BOFHSPFFROM=pass,unknown,error,none,neutral,mailfromok opt BOFHSPFTRUSTME=1 This is the result of me sending a test message to [EMAIL PROTECTED] Aug 20 11:29:02 mail courieresmtpd: started,ip=[::ffff:203.17.154.25] Aug 20 11:29:06 mail courierd: newmsg,id=000BB289.48AB7361.00004973: dns; m0.velocity.net.au (mail.velocitynet.com.au [::ffff:203.17.154.25]) Aug 20 11:29:08 mail courieresmtpd: started,ip=[::ffff:203.17.154.25] Aug 20 11:29:16 mail courieresmtpd: error,relay=::ffff:203.17.154.25, from=<[EMAIL PROTECTED]>: 517 SPF fail [EMAIL PROTECTED]: Address does not pass the Sender Policy Framework As mentioned, I thought a BOFHSPFFROM=mailfromok would cover this situation so can anyone suggest what might be going on here ?
mailfromok means that if the SMTP MAIL FROM: address passes SPF, the From: header is not checked. This settings helps SPF work with mailing lists. If a mailing list has its own SPF record, and the list messages carry the mailing list's return address, its valid SPF record validates list messages from senders who have their own SPF records. lists.sourceforge.net has its own SPF record. My mail sent to this list will pass SPF checking even though my domain's SPF record does not include lists.sourceforge.net's IPs.
renta.net's SPF record does not seem to include 203.17.154.25, so mailfromok is not in effect.
pgprW3ixpUYEr.pgp
Description: PGP signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
