RE: SPF_SOFTFAIL not working properly
> > On 6/24/2006 11:14 AM, Jim Hermann - UUN Hostmaster wrote: > > > How do I debug the SPF Module during SA Operations? > > > > > > I have had another email marked as SPF_SOFTFAIL during the > > first receipt and > > > the From domain does not have a TXT SPF record. When I > > isolated the message > > > and ran it again, it was processed without any errors. > > > > > > I suspect that there is a problem with the timeout routines in > > > Mail::SPF::Query and Mail::Spamassassin::Plugin::SPF. When > > I increased the > > > spf_timeout to 15, I did not have any false positives. > > > > 5 seconds is a long time to do the DNS queries for just an > SPF check. > > Any time the timeout is exceeded we explicitly treat this as > > a SOFTFAIL. > > Perhaps we'd be better off just having no result at all. > > Considering that SOFTFAIL has a score, I recommend that a SPF > timeout be > something other than SOFTFAIL, probably the same as none. It > needs it's own > comment too. Users need to know what happened. > I changed lines 318-319 in SPF.pm to: $result ||= 'error'; # changed from softfail to error - jwh 6/24/06 $comment ||= 'lookup failed'; # added comment for error - jwh 6/24/06 Here is the result for my test file with the timeout set to the default of 5 seconds: [25710] dbg: spf: checking EnvelopeFrom (helo=BABY, ip=125.214.61.195, [EMAIL PROTECTED]) | relmaxtop.com new: ipv4=125.214.61.195, [EMAIL PROTECTED], helo=BABY |marileestewart relmaxtop.com localpart is marileestewart || marileestewart relmaxtop.com DirectiveSet->new(): doing TXT query on relmaxtop.com || marileestewart relmaxtop.com myquery: doing TXT query on relmaxtop.com [25710] dbg: spf: query for [EMAIL PROTECTED]/125.214.61.195/BABY: result: error, comment: lookup failed It works for me. Jim
RE: SPF_SOFTFAIL not working properly
> On 6/24/2006 11:14 AM, Jim Hermann - UUN Hostmaster wrote: > > How do I debug the SPF Module during SA Operations? > > > > I have had another email marked as SPF_SOFTFAIL during the > first receipt and > > the From domain does not have a TXT SPF record. When I > isolated the message > > and ran it again, it was processed without any errors. > > > > I suspect that there is a problem with the timeout routines in > > Mail::SPF::Query and Mail::Spamassassin::Plugin::SPF. When > I increased the > > spf_timeout to 15, I did not have any false positives. > > 5 seconds is a long time to do the DNS queries for just an SPF check. > Any time the timeout is exceeded we explicitly treat this as > a SOFTFAIL. > Perhaps we'd be better off just having no result at all. Considering that SOFTFAIL has a score, I recommend that a SPF timeout be something other than SOFTFAIL, probably the same as none. It needs it's own comment too. Users need to know what happened. Jim
Re: SPF_SOFTFAIL not working properly
On 6/24/2006 11:14 AM, Jim Hermann - UUN Hostmaster wrote: How do I debug the SPF Module during SA Operations? I have had another email marked as SPF_SOFTFAIL during the first receipt and the From domain does not have a TXT SPF record. When I isolated the message and ran it again, it was processed without any errors. I suspect that there is a problem with the timeout routines in Mail::SPF::Query and Mail::Spamassassin::Plugin::SPF. When I increased the spf_timeout to 15, I did not have any false positives. When spf_timeout is set to 5 (default), during the initial email receipt, I think that Mail::SPF::Query exceeds the timeout and the timeout routine does not work properly. The timeout error causes Mail::Spamassassin::Plugin::SPF to classify the result as SPF_SOFTFAIL without a value for $comment. The Spamassassin Report displays the SPF_SOFTFAIL result with [SPF failed: ] because the $comment was blank. 5 seconds is a long time to do the DNS queries for just an SPF check. Any time the timeout is exceeded we explicitly treat this as a SOFTFAIL. Perhaps we'd be better off just having no result at all. my $timer = Mail::SpamAssassin::Timeout->new({ secs => $timeout }); my $err = $timer->run_and_catch(sub { ($result, $comment) = $query->result(); }); if ($err) { chomp $err; warn("spf: lookup failed: $err\n"); return 0; } $result ||= 'softfail'; $comment ||= ''; Daryl
Re: SPF_SOFTFAIL not working properly
On Samstag, 24. Juni 2006 17:14 Jim Hermann - UUN Hostmaster wrote: > When spf_timeout is set to 5 (default), during the initial email > receipt, I think that Mail::SPF::Query exceeds the timeout and the > timeout routine does not work properly. The timeout error causes > Mail::Spamassassin::Plugin::SPF to classify the result as > SPF_SOFTFAIL without a value for $comment. The Spamassassin Report > displays the SPF_SOFTFAIL result with [SPF failed: ] because the > $comment was blank. If none of the devs gives an answer here, open a bug. :-| mfg zmi -- // Michael Monnerie, Ing.BSc- http://it-management.at // Tel: 0660/4156531 .network.your.ideas. // PGP Key:"curl -s http://zmi.at/zmi3.asc | gpg --import" // Fingerprint: 44A3 C1EC B71E C71A B4C2 9AA6 C818 847C 55CB A4EE // Keyserver: www.keyserver.net Key-ID: 0x55CBA4EE pgpzCL0gOz93s.pgp Description: PGP signature