> > > envelope_sender_header X-Envelope-From > > should be good with Return-Path with is default postfix
Yes > > > always_trust_envelope_sender 1 > > > > > loadplugin Mail::SpamAssassin::Plugin::SPF > > is in some kind of pre file right ? :=) > > if its now in cf file it could break fucktionalty It is in init.pre. > > > spf_timeout 5 > > > ignore_received_spf_header 0 > > this could be 1, so it does not use forged results > > > use_newest_received_spf_header 0 > > also a risk of forged results I used the default values: > perldoc Mail::SpamAssassin::Plugin::SPF ignore_received_spf_header (0|1) (default: 0) use_newest_received_spf_header (0|1) (default: 0) I just changed them to 1, but the final result did not change. > > When running the debugger, this is what I see. > > > > > [...] dbg: message: X-Envelope-From header found after 1 or more > > > Received lines, cannot trust envelope-from > > > > > [...] dbg: spf: EnvelopeFrom not found in first external Received > > > header > > > [...] dbg: spf: EnvelopeFrom header not found > > > [...] dbg: spf: cannot get EnvelopeFrom, cannot use SPF by DNS > > > > The test.eml contains a single Received-SPF. > > > > What is the problem? > > > perldoc Mail::SpamAssassin::Conf, i think you miss to configure > trusted_networks, internal_networks, msa_networks > > it have to know ALL your wan ips > > if not defined then spf plugin does not know what to trust This is what I am using in local.cf: internal_networks !0/0 trusted_networks [MTA's IP] msa_networks [MTA's IP] However, this is what the debug has to say: > [...] dbg: config: trusted_networks are not configured; it is recommended > that you configure trusted_networks manually
