Ricardo Kleemann writes:
Hi, I have SPF configured as follows: opt BOFHSPFHELO=pass,none,neutral,softfail,unknownopt BOFHSPFMAILFROM=pass,none,neutral,softfail,unknown opt BOFHSPFFROM=pass,none,neutral,softfail,unknown opt BOFHSPFTRUSTME=1Then I received a spam as if coming from myself, so I went to check the headers, I see the SPF headers all stating that SPF check does not pass. The reason it says "Old-Received-SPF" is because this message is forwarded from a different account on another domain also running courier, configured exactly the same as above. All the SPF checks show "not pass" so why was the message not rejected? Old-Received-SPF: none (Address does not pass the Sender Policy Framework)SPF=HELO;
"none" is listed in BOFHSPFHELO, therefore this check passes.
Old-Received-SPF: softfail (Address does not pass the Sender Policy Framework)SPF=MAILFROM;
"softfail" is listed in BOFHSPFMAILFROM, so this check passes.If you do not want to accept messages that evaluate to "softfail", for their MAIL FROM address, remove "softfail" from BOFHSPFMAILFROM.
Old-Received-SPF: softfail (Address does not pass the Sender Policy Framework)SPF=FROM;
"softfail" is listed in BOFHSPFFROM, so this check passes.If you do not want to accept messages that evaluate to "softfail", for their FROM address, remove "softfail" from BOFHSPFFROM.
Also, your BOFHSPFFROM should also include "mailfromok". See the courier man page.
pgpcWQ3d5fcrP.pgp
Description: PGP signature
------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H
_______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
