Hello. I configured courier MTA to check SPF for incoming mail. At the moment, we check only HELO-SPF. This worked for a couple of years without problems.
This is the configuration in bofh opt BOFHSPFTRUSTME=1 opt BOFHSPFHELO=pass,neutral,unknown,none,error,softfail opt BOFHSPFFROM=off opt BOFHSPFMAILFROM=off opt BOFHSPFHARDERROR=fail Recently, a messages got rejected with this line in the log: Sep 9 19:50:36 zucker courieresmtpd: error,relay=2a03:4000:2:4f2::1,from=<xxxxx...@thelambda.de>: 517 SPF fail thelambda.de: Address does not pass the Sender Policy Framework # dig +short txt thelambda.de "v=spf1 mx -all" # dig +short mx thelambda.de 10 mail.thelambda.de. # dig +short aaaa mail.thelambda.de 2a03:4000:2:4f2::1 I have no clue why this SPF check fails. The connecting MTA has "thelambda.de" configured as HELO-hostname. Connections via IPv4 are working. Can anybody clarify this? Sincerely, Bernd
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users