I sent an e-mail to a software vendor requesting answers to some questions.
That message was rejected based on a SPF Fail. Yes, I have SPF records setup
for my domains. So how did it fail, bad configuration on the recipient side.
By reviewing the heads and the rejection notice, I found that my server
handed the message of to the MX record for the recipient server as expected.
However, the server listed in the MX then forwarded to a different e-mail
address on a different server, mail13.atl.registeredsite.com. In this case,
the MX record is a Imail 6.06 server. It appears that the Imail 6.06 server
recorded its own IP address as being mine during the handshake. (Is this a
known bug in Imail 6.06?) It appears that mail13.atl.registeredsite.com then
tried to hand the message to mx03.csee.siteprotect.com, but that server ran
a SPF query, found my record, saw that the connecting IP was 216.247.37.27
which is the IP for mail13.atl.registeredsite.com and correctly saw a SPF
Fail. The problem is, it should not be looking at that IP since it was a
forwarded message. Duh. The problem is why are they looking at the wrong IP?
Now, my thought on Declude tests such as SPF, REVDNS, HELOBOGUS. If my
server which is running those tests is sitting behind other servers of mine
which are the front door gateway and MX records, and if I have SKIPIP and
listing the IP of my gateway servers, does that effectively make those types
of tests useless?
SMTP (3090095d000044d9) processing F:\Spool\q3090095d000044d9.smd
SMTP (3090095d000044d9) [x] looking up recipientdomain.moc in HOSTS and MX
SMTP (3090095d000044d9) Trying recipientdomain.moc (0)
SMTP (3090095d000044d9) [x] Connecting socket to service <SMTP> on host
<recipientdomain.moc> using protocol <tcp>
SMTP (3090095d000044d9) [x] using source IP for mail.eservicesforyou.net
[67.94.227.39]
SMTP (3090095d000044d9) Connect recipientdomain.moc [216.25.47.197:25] (1)
SMTP (3090095d000044d9) 220 X1 NT-ESMTP Server mail.recipientdomain.moc
(IMail 6.06 8010-10)
SMTP (3090095d000044d9) >EHLO mail.eservicesforyou.net
SMTP (3090095d000044d9) 250-mail.recipientdomain.moc says hello
SMTP (3090095d000044d9) 250-SIZE 0
SMTP (3090095d000044d9) 250-8BITMIME
SMTP (3090095d000044d9) 250-DSN
SMTP (3090095d000044d9) 250-ETRN
SMTP (3090095d000044d9) 250 EXPN
Received: from mail.recipientdomain.moc (mail.recipientdomain.moc
[216.25.47.197])
by mail13.atl.registeredsite.com (8.12.11/8.12.11) with ESMTP id
jA49vpJ2009604
for <[EMAIL PROTECTED]>; Fri, 4 Nov 2005 04:57:51
-0500
Received: from SMTP32-FWD by mail.recipientdomain.moc
(SMTP32) id A000003AC; Fri, 4 Nov 2005 04:57:50 -0500
Received: from mail.eservicesforyou.net [216.25.47.197] by
mail.recipientdomain.moc with ESMTP
(SMTPD32-6.06) id A09D5D1300B8; Fri, 04 Nov 2005 04:57:49 -0500
Received: from wks1 [192.168.16.11] by mail.eservicesforyou.net with ESMTP
(SMTPD-8.20) id A09006A0; Fri, 04 Nov 2005 01:57:36 -0800
John T
eServices For You
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
