Hello.

I configured courier MTA to check SPF for incoming mail. At the moment,
we check only HELO-SPF. This worked for a couple of years without problems.

This is the configuration in bofh

opt BOFHSPFTRUSTME=1
opt BOFHSPFHELO=pass,neutral,unknown,none,error,softfail
opt BOFHSPFFROM=off
opt BOFHSPFMAILFROM=off
opt BOFHSPFHARDERROR=fail

Recently, a messages got rejected with this line in the log:

Sep  9 19:50:36 zucker courieresmtpd:
error,relay=2a03:4000:2:4f2::1,from=<xxxxx...@thelambda.de>: 517 SPF
fail thelambda.de: Address does not pass the Sender Policy Framework

# dig +short txt thelambda.de
"v=spf1 mx -all"
# dig +short mx thelambda.de
10 mail.thelambda.de.
# dig +short aaaa mail.thelambda.de
2a03:4000:2:4f2::1

I have no clue why this SPF check fails. The connecting MTA has
"thelambda.de" configured as HELO-hostname.
Connections via IPv4 are working.

Can anybody clarify this?

Sincerely,
Bernd

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Want excitement?
Manually upgrade your production database.
When you want reliability, choose Perforce
Perforce version control. Predictably reliable.
http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Reply via email to