Hello all,I have just set up courier mta on debian jessie (0.73.1-1.6 from repositories) and tested SPF. I believe it is not working as I expected. Here I quote the delivered message:
-------------------------------------------- Delivered-To: etchte...@jessietest.acvyskov.cz Return-Path: <a...@facebook.com> Received: from admin.acvyskov.cz (admin.acvyskov.cz [::ffff:94.199.192.179]) by jessietest.acvyskov.cz with ESMTP; Fri, 28 Aug 2015 15:45:21 +0200 id 000000000000D590.0000000055E06626.00004156 Received-SPF: neutral (Address does not pass the Sender Policy Framework) SPF=MAILFROM; sender=a...@facebook.com; remoteip=::ffff:94.199.192.179; remotehost=admin.acvyskov.cz; helo=admin.acvyskov.cz; receiver=jessietest.acvyskov.cz; From: a...@facebook.com To: etchte...@jessietest.acvyskov.cz subject: test smtp 25 admin fb Received-SPF: neutral (Address does not pass the Sender Policy Framework) SPF=FROM; sender=a...@facebook.com; remoteip=::ffff:94.199.192.179; remotehost=admin.acvyskov.cz; helo=admin.acvyskov.cz; receiver=jessietest.acvyskov.cz; --------------------------------------------
SPF record are: facebook.com. IN TXT "v=spf1 redirect=_spf.facebook.com"_spf.facebook.com. IN TXT "v=spf1 ip4:69.63.179.25 ip4:69.63.178.128/25 ip4:69.63.184.0/25 ip4:66.220.144.128/25 ip4:66.220.155.0/24 ip4:69.171.232.0/25 i" "p4:66.220.157.0/25 ip4:69.171.244.0/24 mx -all"
-------------------------------------------- my BOFH config settings are: maxrcpts 100 opt BOFHNOBASE64TEXT=0 opt BOFHSPFHELO=pass,none,neutral,softfail,unknown,error opt BOFHSPFMAILFROM=pass,none,neutral,softfail,unknown,error opt BOFHSPFFROM=pass,none,neutral,softfail,unknown,error,mailfromok opt BOFHSPFHARDERROR=fail,softfail opt BOFHSPFTRUSTME=1 --------------------------------------------I was expecting the message fo fail as I was sending via IPv4 address 94.199.192.179 and used a fake sending address a...@facebook.com.
I verified the SPF record with this tool: http://www.openspf.org/Why?show-form=1&identity=a%40facebook.com&ip-address=94.199.192.179I made another test later sending as "a...@adobe.com". This time my message got blocked during SMTP handshake:
-------------------------------------------- mail from: <a...@adobe.com> 517 SPF fail a...@adobe.com: Address does not pass the Sender Policy Framework --------------------------------------------The only difference I can see are the SPF records themself. While facebook uses "redirect" reference, Adobe uses direct values:
--------------------------------------------adobe.com. IN TXT "v=spf1 ip4:192.150.19.146 ip4:192.150.11.66 ip4:192.150.11.134 ip4:193.104.215.16 ip4:193.104.215.18 ip4:23.23.191.130 ip4:174.129.221.39 ip4:54.81.114.235 ip4:54.64.100.187 ip4:54.69.117.153 ip4:54.77.92.124 ip4:54.64.227.212 include:spf1.adobe.com -all"
--------------------------------------------To me it looks like courier is not honoring the "-all" in referenced records.
I appreciate all your work on courier software and send this report to help make it even better :-)
regards Jan
smime.p7s
Description: Elektronicky podpis S/MIME
------------------------------------------------------------------------------
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users