[
http://issues.apache.org/jira/browse/JAMES-604?page=comments#action_12432295 ]
Guillermo Grandes commented on JAMES-604:
-----------------------------------------
Yes, in the RFC (secction 2.5.7 PermError) says... 8-)
----
A "PermError" result means that the domain's published records could not
be correctly interpreted. This signals an error condition that requires manual
intervention to be resolved, as opposed to the TempError result.
----
The idea could be that if appears a "PermError" send it to repository
"SPF-Error" and warn the "Postmaster". and soon this one to use the
FromRepository if it considers it correct. :-?
On the other hand... the TempError also rejects mails, perhaps but it would be
possible to be accepted and in background to be doing checks (although
evidently he is much more complex to implement), as you see... :-)
Thanks :-)
> PERM_ERROR it would have to be configurable just as the SOFTFAIL - Related
> JAMES-481 (SPF support)
> --------------------------------------------------------------------------------------------------
>
> Key: JAMES-604
> URL: http://issues.apache.org/jira/browse/JAMES-604
> Project: James
> Issue Type: Bug
> Components: SMTPServer
> Affects Versions: 3.0
> Environment: James 3.0
> Reporter: Guillermo Grandes
> Assigned To: Norman Maurer
> Priority: Minor
>
> trunk/src/java/org/apache/james/smtpserver/core/filter/fastfail/SPFHandler.java:doSPFCheck
> PERM_ERROR_CONV it would have to be configurable just as the SOFTFAIL
> =================================================================
> // Check if we should block!
> if ((spfResult.equals(SPF1Utils.FAIL_CONV))
> || (spfResult.equals(SPF1Utils.SOFTFAIL_CONV) &&
> blockSoftFail)
> - || spfResult.equals(SPF1Utils.PERM_ERROR_CONV)) {
> + || (spfResult.equals(SPF1Utils.PERM_ERROR_CONV) &&
> blockPermFail)) {
> =================================================================
> Why? The Big example.... Microsoft.com (a little sad)
> 3166 [main] WARN org.apache.james.jspf.SPF - Maximum mechanism/modifier
> calls done: 11
> org.apache.james.jspf.exceptions.PermErrorException: Maximum
> mechanism/modifier calls done: 11
> at org.apache.james.jspf.SPF.checkSPF(SPF.java:177)
> at
> org.apache.james.jspf.terms.IncludeMechanism.run(IncludeMechanism.java:83)
> at org.apache.james.jspf.core.Directive.run(Directive.java:47)
> at org.apache.james.jspf.SPF.checkSPF(SPF.java:189)
> at org.apache.james.jspf.SPF.checkSPF(SPF.java:98)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at bsh.Reflect.invokeMethod(Unknown Source)
> at bsh.Reflect.invokeObjectMethod(Unknown Source)
> at bsh.Name.invokeMethod(Unknown Source)
> at bsh.BSHMethodInvocation.eval(Unknown Source)
> at bsh.BSHPrimaryExpression.eval(Unknown Source)
> at bsh.BSHPrimaryExpression.eval(Unknown Source)
> at bsh.BSHVariableDeclarator.eval(Unknown Source)
> at bsh.BSHTypedVariableDeclaration.eval(Unknown Source)
> at bsh.Interpreter.eval(Unknown Source)
> at bsh.Interpreter.source(Unknown Source)
> at bsh.Interpreter.main(Unknown Source)
> 3168 [main] INFO org.apache.james.jspf.SPF - [ipAddress=131.107.1.18]
> [EMAIL PROTECTED] [helo=bill] => error
> RESULT: error
> HEADER: Received-SPF: error (spfCheck: Error in processing SPF Record)
> client-ip=131.107.1.18; [EMAIL PROTECTED]; helo=bill;
> EXPLAN:
> +1 # dig +short microsoft.com. TXT
> "v=spf1 mx include:_spf-a.microsoft.com include:_spf-b.microsoft.com
> include:_spf-c.microsoft.com ~all"
> +4
> # dig +short microsoft.com. MX
> 10 mailc.microsoft.com.
> 10 maila.microsoft.com.
> 10 mailb.microsoft.com.
> +3
> # dig +short _spf-a.microsoft.com. TXT
> "v=spf1 ip4:213.199.128.139 ip4:213.199.128.145
> ip4:207.46.50.72 ip4:207.46.50.82 a:delivery.pens.microsoft.com
> a:mh.microsoft.m0.net mx:microsoft.com ~all"
> +2
> +1 (MX repeated)
> # dig +short _spf-b.microsoft.com. TXT
> "v=spf1 a:delivery2.pens.microsoft.com
> a:delivery.smtp.microsoft.com a:smtp.msn.com mx:exchange.microsoft.com
> ip4:131.107.65.22 ip4:131.107.65.131 ip4:131.107.1.101 ip4:131.107.1.102
> ip4:217.77.141.52 ip4:217.77.141.59 ~all"
> +4
> # dig +short _spf-c.microsoft.com. TXT
> "v=spf1 ip4:131.107.1.18 ip4:131.107.1.19 ip4:131.107.1.20
> ip4:131.107.70.12 ip4:131.107.70.16 ~all"
> Total: 14/15, result: PERM_ERROR
> Extracted from RFC(4408):
> # Result Intended action Explanation
> # --------- ----------------
> -----------------------------------------------------------------------------------------
> # pass Accept The SPF record designates the host to be allowed
> to send
> # fail Reject The SPF record has designated the host as NOT
> being allowed to send
> # softfail Accept but mark The SPF record has designated the host as NOT
> being allowed to send but is in transition
> # neutral Accept The SPF record specifies explicitly that nothing
> can be said about validity
> # none Accept The domain does not have an SPF record or the
> SPF record does not evaluate to a result
> # TempError Accept or Reject A transient error has occured
> # PermError Unspecified A permanent error has occured (eg. badly
> formatted SPF record)
> #
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
