I think SPF worked correctly in your scenario, since SPF is based upon the envelope sender address and the delivering MTA (forwarding or originating). The problem here is that the wrong receiving MTA is doing the SPF check.
|(A) Send MTA|---->|(B) Rec MTA|---->|(C) Rec MTA| SPF should be checked by server (B). I'd expect all SFP checks by Server (C) to fail when the SPF record in DNS is configured for a hard fail "-all", unless of course, there is some special coding so that the IP of (A) is used, instead of the IP of (B), in the SPF check. WRT your question about SPF, REVDNS and HELOBOGUS, when an inbound gateway is used, I'd expect HELOBOGUS to be useless, but for SPF and REVDNS to be functional. I'd like to know Declude's official response to your question, though. Friday, November 4, 2005, 5:09:14 AM, John T (Lists) <[EMAIL PROTECTED]> wrote: JTL> I sent an e-mail to a software vendor requesting answers to some questions. JTL> That message was rejected based on a SPF Fail. Yes, I have SPF records setup JTL> for my domains. So how did it fail, bad configuration on the recipient side. JTL> By reviewing the heads and the rejection notice, I found that my server JTL> handed the message of to the MX record for the recipient server as expected. JTL> However, the server listed in the MX then forwarded to a different e-mail JTL> address on a different server, mail13.atl.registeredsite.com. In this case, JTL> the MX record is a Imail 6.06 server. It appears that the Imail 6.06 server JTL> recorded its own IP address as being mine during the handshake. (Is this a JTL> known bug in Imail 6.06?) It appears that JTL> mail13.atl.registeredsite.com then JTL> tried to hand the message to mx03.csee.siteprotect.com, but that server ran JTL> a SPF query, found my record, saw that the connecting IP was 216.247.37.27 JTL> which is the IP for mail13.atl.registeredsite.com and correctly saw a SPF JTL> Fail. The problem is, it should not be looking at that IP since it was a JTL> forwarded message. Duh. The problem is why are they looking at the wrong IP? JTL> Now, my thought on Declude tests such as SPF, REVDNS, HELOBOGUS. If my JTL> server which is running those tests is sitting behind other servers of mine JTL> which are the front door gateway and MX records, and if I have SKIPIP and JTL> listing the IP of my gateway servers, does that effectively make those types JTL> of tests useless? JTL> SMTP (3090095d000044d9) processing F:\Spool\q3090095d000044d9.smd JTL> SMTP (3090095d000044d9) [x] looking up recipientdomain.moc in HOSTS and MX JTL> SMTP (3090095d000044d9) Trying recipientdomain.moc (0) JTL> SMTP (3090095d000044d9) [x] Connecting socket to service <SMTP> on host JTL> <recipientdomain.moc> using protocol <tcp> JTL> SMTP (3090095d000044d9) [x] using source IP for mail.eservicesforyou.net JTL> [67.94.227.39] JTL> SMTP (3090095d000044d9) Connect recipientdomain.moc [216.25.47.197:25] (1) JTL> SMTP (3090095d000044d9) 220 X1 NT-ESMTP Server mail.recipientdomain.moc JTL> (IMail 6.06 8010-10) JTL> SMTP (3090095d000044d9) >EHLO mail.eservicesforyou.net JTL> SMTP (3090095d000044d9) 250-mail.recipientdomain.moc says hello JTL> SMTP (3090095d000044d9) 250-SIZE 0 JTL> SMTP (3090095d000044d9) 250-8BITMIME JTL> SMTP (3090095d000044d9) 250-DSN JTL> SMTP (3090095d000044d9) 250-ETRN JTL> SMTP (3090095d000044d9) 250 EXPN JTL> Received: from mail.recipientdomain.moc (mail.recipientdomain.moc JTL> [216.25.47.197]) JTL> by mail13.atl.registeredsite.com (8.12.11/8.12.11) with ESMTP id JTL> jA49vpJ2009604 JTL> for <[EMAIL PROTECTED]>; Fri, 4 Nov 2005 04:57:51 JTL> -0500 JTL> Received: from SMTP32-FWD by mail.recipientdomain.moc JTL> (SMTP32) id A000003AC; Fri, 4 Nov 2005 04:57:50 -0500 JTL> Received: from mail.eservicesforyou.net [216.25.47.197] by JTL> mail.recipientdomain.moc with ESMTP JTL> (SMTPD32-6.06) id A09D5D1300B8; Fri, 04 Nov 2005 04:57:49 -0500 JTL> Received: from wks1 [192.168.16.11] by mail.eservicesforyou.net with ESMTP JTL> (SMTPD-8.20) id A09006A0; Fri, 04 Nov 2005 01:57:36 -0800 JTL> John T JTL> eServices For You JTL> --- JTL> This E-mail came from the Declude.JunkMail mailing list. To JTL> unsubscribe, just send an E-mail to [EMAIL PROTECTED], and JTL> type "unsubscribe Declude.JunkMail". The archives can be found JTL> at http://www.mail-archive.com. ---- Don Brown - Dallas, Texas USA Internet Concepts, Inc. [EMAIL PROTECTED] http://www.inetconcepts.net (972) 788-2364 Fax: (972) 788-5049 ---- --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
