Michael Monnerie wrote: > I got report from a customer for the following problem: A guy of them > sits with his notebook somewhere, connecting to the internet over some > ISP, sending e-mail over our server (which he should do, and is only > possible via pop-before-smtp). In DNS, I setup that only our server is > allowed to send e-mail from that domain (changed to @mycustomer.com > below). Now why does SA say SPF_FAIL here? It should accept that > message, as it came directly from the customer to our server. Normally > this works, I just got this message rejected (although I'm not sure if > other messages aren't marked SPF_FAIL). Hiccup? > > Received: from CUSTOMER_PC (p5498715A.dip.t-dialin.net > [84.152.113.90]) by power2u.goelsen.net (Postfix) with ESMTP id > D32FD4BE10 for <hidden>; Tue, 13 Dec 2005 14:59:54 +0100 (CET) > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED] > Date: Tue, 13 Dec 2005 08:59:46 -0600 > X-Spam-Status: Yes, hits=5.406 tagged_above=-999 required=5 > tests=AWL=-0.135, > BAYES_05=-1.11, HTML_90_100=0.113, HTML_MESSAGE=0.001, > MSGID_FROM_MTA_ID=1.393, RCVD_IN_NJABL_DUL=1.946, > RCVD_IN_SORBS_DUL=2.046, > RELAY_DE=0.01, SPF_FAIL=1.142 > X-Spam-Level: ***** > X-Spam-Flag: YES
No, it's working as designed. The guy with his laptop was not on your network and was sending mail from your domain. Therefore, the SPF check failed. Looking at the headers above, if the SPF record for customer.com does not allow mail to come from 84.152.113.90, then the check will fail. -- Bowie
