Hello,

I am only using SPF, DKIM and DMARC information to up points in my
SpamAssassin (there are too many badly configured SPF sites around, and
most of the time they are not DNSSEC-secured).  In general, SPF/DMARC
alone is not enough to mark as spam, in my opinion.

However, someone reported the following issue with Sunrise: apparently they are
lacking at least ONE of their webmail SMTP senders in their SPF records:
195.141.178.228 for example.

   dplanet.ch descriptive text "v=spf1 mx include:spf.sunrise.ch -all"

   spf.sunrise.ch descriptive text "v=spf1 ip4:195.141.178.100 
ip4:195.141.178.101 ip4:195.141.178.220 ip4:195.141.178.221 ip4:195.141.178.223 
ip4:195.141.178.229 ip4:195.141.178.94 ip4:195.141.178.95 ip4:195.141.178.96  
ip4:195.141.178.71 ip4:195.141.178.199 ip4:195.141.178.74 195.141.178."

It may especially break dplanet.ch senders, as their DMARC policy is quarantine
(Sunrise's is none). Gmail, for example, was reporting random problems depending
on the Sunrise sender (webmail) SMTP IP address:

   ARC-Authentication-Results: i=1; mx.google.com;
          spf=pass (google.com: domain of innocent-bu...@dplanet.ch designates
   195.141.178.229 as permitted sender)
          smtp.mailfrom=innocent-bu...@dplanet.ch;
          dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE)
             header.from=dplanet.ch
   
   ARC-Authentication-Results: i=1; mx.google.com;
          spf=fail (google.com: domain of innocent-bu...@dplanet.ch does not
   designate 195.141.178.228 as permitted sender)
          smtp.mailfrom=innocent-bu...@dplanet.ch;
          dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=QUARANTINE)
             header.from=dplanet.ch

Sunrise end-user support did not seem to notice yet, so if someone around
here has better / direct contact, it would be handy.

Have a nice week-end anyway.


_______________________________________________
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
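
Added example, not part of the original message: an offline re-evaluation of the two SPF records quoted above for the two sending IPs seen in the Gmail headers, followed by the resulting DMARC disposition. Assumptions: the `mx` mechanism needs DNS and is only recorded as skipped, the cut-off last token of the spf.sunrise.ch record is kept as quoted and treated as unparsable, and no aligned DKIM pass is present.

```python
import ipaddress

# Records as quoted in the message above. The spf.sunrise.ch record is cut off
# on the page; its dangling last token is kept as-is, not completed.
RECORDS = {
    "dplanet.ch": "v=spf1 mx include:spf.sunrise.ch -all",
    "spf.sunrise.ch": (
        "v=spf1 ip4:195.141.178.100 ip4:195.141.178.101 ip4:195.141.178.220 "
        "ip4:195.141.178.221 ip4:195.141.178.223 ip4:195.141.178.229 "
        "ip4:195.141.178.94 ip4:195.141.178.95 ip4:195.141.178.96 "
        "ip4:195.141.178.71 ip4:195.141.178.199 ip4:195.141.178.74 195.141.178."
    ),
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(domain, ip, skipped=None):
    """Offline SPF check (ip4, include, all). Returns a result, or None if nothing matched."""
    addr = ipaddress.ip_address(ip)
    skipped = skipped if skipped is not None else []
    for term in RECORDS[domain].split()[1:]:
        qual = QUALIFIERS.get(term[0])
        mech = term[1:] if qual else term
        name, _, arg = mech.partition(":")
        if name == "ip4" and arg:
            if addr in ipaddress.ip_network(arg, strict=False):
                return qual or "pass"
        elif name == "include" and arg in RECORDS:
            # An include matches only when the included record yields "pass".
            if check_spf(arg, ip, skipped) == "pass":
                return qual or "pass"
        elif name == "all":
            return qual or "pass"
        else:
            skipped.append(term)  # mx (needs DNS) or an unparsable token
    return None


def dmarc_disposition(spf_result, policy, dkim_aligned_pass=False):
    """SPF is aligned here (mailfrom and header.from are both dplanet.ch)."""
    if spf_result == "pass" or dkim_aligned_pass:
        return "none"
    return policy


if __name__ == "__main__":
    for ip in ("195.141.178.229", "195.141.178.228"):
        spf = check_spf("dplanet.ch", ip)
        print(ip, "spf=" + str(spf), "dis=" + dmarc_disposition(spf, "quarantine"))
```
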
