Re: [exim-dev] SPF not working properly
David Saez Padros via Exim-dev (Fr 20 Dez 2019 08:46:10 CET): > Hi > > i'm a bit confused, exim is using libspf2 like spfquery.libspf2 > does and both return different results, not sure why exim is doing > dns queries itself to interpret spf, the libspf2 documentation gives > a very simple example while exim's spf.c looks more complex Exim intercepts the DNS queries made from libspf2. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 - signature.asc Description: PGP signature -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
Re: [exim-dev] SPF not working properly
Hi i'm a bit confused, exim is using libspf2 like spfquery.libspf2 does and both return different results, not sure why exim is doing dns queries itself to interpret spf, the libspf2 documentation gives a very simple example while exim's spf.c looks more complex El 19/12/2019 a las 15:14, Jeremy Harris via Exim-dev escribió: On 19/12/2019 10:54, David Saez Padros via Exim-dev wrote: On the new release i get a lot of spf failures that make me have to disable spf. Thanks for the debug info. This looks like a variant of bug 2499. -- Best regards ... David Saez On-Line Services 2000 S.L. http://www.ols.es -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
Re: [exim-dev] SPF not working properly
On 19/12/2019 10:54, David Saez Padros via Exim-dev wrote: > On the new release i get a lot of spf failures that make me have to > disable spf. Thanks for the debug info. This looks like a variant of bug 2499. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] SPF not working properly
Hi On the new release i get a lot of spf failures that make me have to disable spf. I tried to debug this spf rejection: 2019-12-19 11:09:33 H=mta-90-197.sparkpostmail.com [192.174.90.197] Warning: SPF msprvs1=18256LU-Q9YGR=bounces-23293-11...@spmailtechnol.com mta-90-197.sparkpostmail.com a.mx.olsns.net: transitioning domain of spmailtechnol.com does not designate 192.174.90.197 as permitted sender but spquery gives a different result: # spfquery.libspf2 -i 192.174.90.197 -s msprvs1=18256LU-Q9YGR=bounces-23293-11...@spmailtechnol.com pass spfquery: domain of spmailtechnol.com designates 192.174.90.197 as permitted sender Received-SPF: pass (spfquery: domain of spmailtechnol.com designates 192.174.90.197 as permitted sender) client-ip=192.174.90.197; envelope-from=msprvs1=18256LU-Q9YGR=bounces-23293-11...@spmailtechnol.com; but exim seems to do something wrong (it found the proper record but it just ignored it): 11:43:00 32431 spf_process spf_dns.c:54 Debug: DNS[cache] lookup: spmailtechnol.com TXT (16) spf_dns.c:54 Debug: DNS[exim] lookup: spmailtechnol.com TXT (16) 11:43:00 32431 SPF_dns_exim_lookup 11:43:00 32431 DNS lookup of spmailtechnol.com (TXT) succeeded spf_dns.c:66 Debug: DNS[exim] found record spf_dns.c:69 Debug: DOMAIN: spmailtechnol.com TYPE: TXT (16) spf_dns.c:76 Debug: TTL: 300 RR found: 1 herrno: 0 source: exim spf_dns.c:94 Debug: - TXT: v=spf1 exists:%{i}._spf.sparkpostmail.com ~all spf_dns.c:66 Debug: DNS[cache] found record spf_dns.c:69 Debug: DOMAIN: spmailtechnol.com TYPE: TXT (16) spf_dns.c:76 Debug: TTL: 300 RR found: 1 herrno: 0 source: exim spf_dns.c:94 Debug: - TXT: v=spf1 exists:%{i}._spf.sparkpostmail.com ~all spf_server.c:402 Debug: get_record(spmailtechnol.com): NETDB_SUCCESS spf_server.c:443 Debug: found SPF record: v=spf1 exists:%{i}._spf.sparkpostmail.com ~all spf_compile.c:1210 Debug: Compiling record v=spf1 exists:%{i}._spf.sparkpostmail.com ~all spf_compile.c:1314 Debug: Name starts at exists:%{i}._spf.sparkpostmail.com ~all spf_compile.c:1408 Debug: Adding mechanism type 7 spf_compile.c:847Debug: SPF_c_mech_add: type=7, value=:%{i}._spf.sparkpostmail.com ~all spf_compile.c:689Debug: Parsing domainspec starting at %{i}._spf.sparkpostmail.com ~all, cidr is forbidden spf_compile.c:523Debug: Parsing macro starting at %{i}._spf.sparkpostmail.com ~all spf_compile.c:1314 Debug: Name starts at all spf_compile.c:1408 Debug: Adding mechanism type 8 spf_compile.c:847Debug: SPF_c_mech_add: type=8, value= spf_dns.c:54 Debug: DNS[cache] lookup: 192.174.90.197._spf.sparkpostmail.com A (1) spf_dns.c:54 Debug: DNS[exim] lookup: 192.174.90.197._spf.sparkpostmail.com A (1) 11:43:00 32431 SPF_dns_exim_lookup 11:43:00 32431 DNS lookup of 192.174.90.197._spf.sparkpostmail.com (A) succeeded spf_dns.c:66 Debug: DNS[exim] found record spf_dns.c:69 Debug: DOMAIN: (null) TYPE: ANY (255) spf_dns.c:76 Debug: TTL: 86400 RR found: 0 herrno: 1 source: exim spf_dns.c:66 Debug: DNS[cache] found record spf_dns.c:69 Debug: DOMAIN: (null) TYPE: ANY (255) spf_dns.c:76 Debug: TTL: 86400 RR found: 0 herrno: 1 source: exim spf_interpret.c:1231 Debug: found 0 A records for 192.174.90.197._spf.sparkpostmail.com (herrno: 1) 11:43:00 32431 SPF result is softfail (4) -- Best regards ... David Saez On-Line Services 2000 S.L. http://www.ols.es -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##