Re: [courier-users] DNS MX lookup failed.?
Mark Constable writes: On 16/02/11, Sam Varshavchik wrote: Received-SPF: error (DNS MX lookup failed.?) SPF=FROM; sender=po...@pobox.com; remoteip=:::64.74.157.115; remotehost=; helo=support.icgroup.com; receiver=mail.spiderweb.com.au; The above is courier 0.60.0 with this bofh... opt BOFHBADMIME=accept opt BOFHSPFHELO=pass,none,neutral,softfail,unknown,error opt BOFHSPFMAILFROM=pass,none,neutral,softfail,unknown,error opt BOFHSPFFROM=pass,none,neutral,softfail,unknown,error,mailfromok opt BOFHSPFTRUSTME=1 opt BOFHSUPPRESSBACKSCATTER=smtp,authsmtp I just sifted through the code. I believe that when a DNS lookup fails, the resulting status is error, and not softfail, so you really need the following patch. I think I can put together a test scenario in the next day or two -- set up a fake subdomain on one of my domain with an NS record pointing to a bogus IP address. That should reliably result in a DNS lookup error resolving the given domain. Stay tuned… diff -U3 -r1.74 submit.C --- courier/submit.C12 Oct 2010 00:27:55 - 1.74 +++ courier/submit.C16 Feb 2011 02:56:53 - @@ -887,7 +887,8 @@ return 1; } frominfo.receivedspfmailfrom=receivedspfmailfrom; - if (strcmp(result, pass) == 0) + if (strcmp(result, pass) == 0 || + strcmp(result, error) == 0) frominfo.mailfrom_passed_spf=1; } Sorry to bother you Sam but this problem is impacting even more clients than I thought and I'm stuck on older Debian systems which I can't upgrade until I physically get near the server. IOW I can't really test this myself. Any progress or workarounds until an official solution? The above code is the code that's currently in, and will be in the next release. pgpqIxkaGSw9P.pgp Description: PGP signature -- Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] DNS MX lookup failed.?
On 15/03/11, Sam Varshavchik wrote: Any progress or workarounds until an official solution? The above code is the code that's currently in, and will be in the next release. Ah great, so I could patch 0.65.3 and be good or wait for 0.65.4. Dare I ask how long, rough estimate, before 0.65.4 will be released? --markc -- Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] DNS MX lookup failed.?
Mark Constable writes: On 15/03/11, Sam Varshavchik wrote: Any progress or workarounds until an official solution? The above code is the code that's currently in, and will be in the next release. Ah great, so I could patch 0.65.3 and be good or wait for 0.65.4. Dare I ask how long, rough estimate, before 0.65.4 will be released? Not sure. The major version will bump. There's been a ton of changes under the scene, dealing with mostly webmail, maildrop, and imap. They need a good shaking out. You can certainly patch this in. This is an almost a no-risk patch. pgpYt5ASscufF.pgp Description: PGP signature -- Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] DNS MX lookup failed
Grzegorz Janoszka writes: Aug 3 09:52:15 poczta courieresmtpd: error,relay=:::193.41.230.201,from=[EMAIL PROTECTED]: 417 SPF error [EMAIL PROTECTED]: DNS MX lookup failed.? Is any way to remove such errors? This machine has no problem to see MX: poczta:~# host -t mx mbank.pl mbank.pl mail is handled by 0 mail.bremultibank.com.pl. mbank.pl mail is handled by 10 mx.bremultibank.com.pl. One single DNS lookup doesn't really say much. Perhaps mbank.pl's DNS servers are flaky, or one of .pl's servers was briefly on a fritz. pgp6ugJ9olnFQ.pgp Description: PGP signature