Am 31.05.2016 um 21:03 schrieb A. Schulze:
Am 31.05.2016 um 19:09 schrieb Johannes Bauer:
Hello list,
I know this is a bit off-topic, but I'm not sure if I misconfigured
Postfix to result in this: Just today, an email of mine was rejected due
to SPF reasons:
host mx-ha03.web.de[212.227.15.17] said:
550-Requested action not taken: mailbox unavailable
550-Reject due to SPF policy.
550-The originating IP of the message is not permitted by the domain
owner.
550 For explanation visit
http://postmaster.web.de/error-messages?ip=64.98.36.17&c=spf (in reply
to MAIL FROM command)
I have multiple domains, let's call them foobar.de and joebauer.de.
"foobar.de" is the primary host name (and there's an A record for
foobar.de and *.foobar.de). The reverse DNS of the IP points to
foobar.de as well.
For my other domain, joebauer.de, also the A records for joebauer.de and
*.joebauer.de point to that same IP address of my server. The MX is set
to mail.joebauer.de and the TXT is set to "v=spf1 mx -all".
According to the tests at http://www.kitterman.com/spf/validate.html a
mail originating from my server's IP with a FROM of j...@joebauer.de
should have no problems passing the SPF test. However the remote MTA
complains and rejects delivery. I do not know what HELO Postfix issued,
but tried all of foo.foobar.de, foobar.de and joebauer.de in the
kitterman test -- all of which passed SPF.
Can anyone help shed light on what I have misconfigured here?
1&1 changed the policy some time/days/weeks ago. They now reject
messages that could not be authenticated
by spf if the senderdomain request it ( end with "-all" )
Andreas
i had a similar issue a while back ago when switching to new servers.
the new servers supported the IPv6 protocol and as far as i remember
IPv6 is always preferred before IPv4.
my problem was a missing IP reverse DNS entry for the IPv6 address of my
server. i had an IPv4 reverse DNS setup but this wasn't enough as IPv6
is always preferred.
hope this helps ;)
becki
