SPF not "working correct"
Jan Agermose
ja at conviator.com
Sun Aug 23 10:34:16 IST 2009
seams to be a missing:
envelope_sender_header From
always_trust_envelope_sender 1
in /etc/mail/spamassassin/local.cf
:)
From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jan
Agermose
Sent: 23. august 2009 10:41
To: MailScanner discussion
Subject: RE: SPF not "working correct"
I ran a test on a non-spam message from myself - it seams it does not
get the Evelope-From - but maybe thats because of the way im running the
test?
spamassassin -D <
/var/spool/MailScanner/quarantine/20090823/nonspam/n7N82uEC024928 2>&1 |
grep -i spf
[5112] dbg: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC
[5112] dbg: config: fixed relative path:
/var/lib/spamassassin/3.002005/updates_spamassassin_org/25_spf.cf
[5112] dbg: config: using
"/var/lib/spamassassin/3.002005/updates_spamassassin_org/25_spf.cf" for
included file
[5112] dbg: config: read file
/var/lib/spamassassin/3.002005/updates_spamassassin_org/25_spf.cf
[5112] dbg: config: fixed relative path:
/var/lib/spamassassin/3.002005/updates_spamassassin_org/60_whitelist_spf
.cf
[5112] dbg: config: using
"/var/lib/spamassassin/3.002005/updates_spamassassin_org/60_whitelist_sp
f.cf" for included file
[5112] dbg: config: read file
/var/lib/spamassassin/3.002005/updates_spamassassin_org/60_whitelist_spf
.cf
[5112] dbg: rules: ran header rule __SARE_HEAD_SUBJ_RAND ======> got
hit: "test spf
[5112] dbg: spf: checking to see if the message has a Received-SPF
header that we can use
[5112] dbg: spf: using Mail::SPF for SPF checks
[5112] dbg: spf: checking HELO (helo=mx1.myoutlookonline.com,
ip=64.95.72.238)
[5112] dbg: spf: query for /64.95.72.238/mx1.myoutlookonline.com:
result: none, comment: , text: No applicable sender policy available
[5112] dbg: spf: already checked for Received-SPF headers, proceeding
with DNS based checks
[5112] dbg: spf: cannot get Envelope-From, cannot use SPF
[5112] dbg: spf: def_spf_whitelist_from: already checked spf and didn't
get pass, skipping whitelist check
[5112] dbg: spf: whitelist_from_spf: already checked spf and didn't get
pass, skipping whitelist check
Subject: test spf
Thread-Topic: test spf
From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jan
Agermose
Sent: 23. august 2009 09:37
To: MailScanner discussion
Subject: SPF not "working correct"
hi
I had a small mishap in configuring the SPF plugin so no SPF records
ever turned up in the SA scores. Now it does. Well mostly SPF_HELO_XXX -
im more interested in SPF_PASS and SPF_FAIL and the others - not HELO
related. Just they do not show up. When I send a email from our domian
to a domain on the MailScanner setup there should be a SPF_PASS but
nothing shows up.
I searched the database to see if there is EVER a SPF_SPASS and there is
:) 67 of them. All from spam - all from domains that actually have a SPF
record - one that the plugin might need a small rewrite to overwrite the
result and make it a SPF_FAILD?
computercodewake.com. 3600 IN TXT "v=spf1 ip4:0.0.0.0/0
?all"
computercodewake.com. 3600 IN TXT "spf2.0/pra
ip4:0.0.0.0/0 ?all"
a) Since this is a completly open SPF record maybe it should really be
turned in to a SPF_FAILD (user config maybe)
b) anyway - my real problem is - why is this module not picking up on
SPF records? What might I be missing - what can I check? Its newest
MailScanner (at least as new as the FSL gold repo gives me :) - im
gussing its new :) )
regards
Jan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20090823/2b834f5a/attachment.html
More information about the MailScanner
mailing list