On 1/23/2006 12:10 PM, Kristopher Austin wrote:
After seeing all the SPF discussion lately I decided to actually ask you
guys about this problem.
I have many whitelist_from_spf entries where I usually keep my whitelist
entries. For some reason, I have never seen a hit on
USER_IN_SPF_WHITELIST. I have received plenty of emails that I believe
should have hit. Here are some example entries:
whitelist_from_spf [EMAIL PROTECTED]
After further investigation I notice that I have plenty of SPF_HELO_*
hits, but no SPF_* hits. I assume this issue is probably related to the
other. What is the difference between SPF_HELO rules and the plain SPF
versions? Why would I not be seeing any hits on the non-HELO ones?
If SpamAssassin isn't running on your gateway MX, and your
trusted_networks are set correctly, which they are...
I have trusted_networks configured correctly. I have the plugin enabled
and I see no errors with a spamassassin --lint -D. All the SPF
dependencies are loaded. I am using SA 3.1 / sa-exim / exim 4.60 /
Debian 3.1.
...you won't see anything but SPF_HELO_* hits unless you add this line
to your local.cf:
always_trust_envelope_sender 1
By default (I'm starting to think that it shouldn't be by default), SA
will not trust the envelope sender since it could possibly have been
modified by one of the (trusted) internal_networks hosts. Without an
envelope sender that it can trust, SA can't do SPF checks on the
envelope sender (which is what the SPF_* checks are).
I really have no idea on how to proceed from here. How does one test
the SPF tests and get debug output on it?
spamassassin -Dspf < test.msg
Daryl
