http://bugzilla.spamassassin.org/show_bug.cgi?id=3169
------- Additional Comments From [EMAIL PROTECTED] 2004-05-03 20:34 ------- 0.097 0.0140 10.4478 0.001 0.19 -1.00 SPF_PASS 29.407 29.5705 9.1940 0.763 0.06 -0.50 SPF_HELO_PASS 1.136 1.1456 0.0000 1.000 0.01 0.50 SPF_SOFTFAIL 0.778 0.7845 0.0000 1.000 0.00 1.00 SPF_FAIL 0.073 0.0732 0.0000 1.000 0.00 0.50 SPF_HELO_SOFTFAIL 0.230 0.2312 0.1194 0.659 0.00 1.00 SPF_HELO_FAIL hrm. SPF_HELO_PASS is mega bad dude. see #1 below, which I think causes that. SPF_PASS is much easier. digging through this stuff: debug: SPF: checking EnvelopeFrom (helo=actual.bblisa.org, ip=65.214.43.12, [EMAIL PROTECTED]) debug: SPF: query for [EMAIL PROTECTED]/65.214.43.12/actual.bblisa.org: result: pass, comment: Please see http://spf.pobox.com/why.html? sender=8585sxsex.co.kr%40bblisa.org&ip=65.214.43.12&receiver=eclectic.kluge.net: bblisa.org A 65.214.43.12 the actual.bblisa.org machine is one of my backup MX hosts, and the SPF record would be valid, if the message originated from the bblisa host, so SPF hits. Umm. Yeah, known issue with SPF. IMHO, we should have an option that deals with this. I don't know what though. debug: SPF: checking EnvelopeFrom (helo=dhcp065-025-151-066.columbus.rr.com, ip=65.25.151.66, [EMAIL PROTECTED]) debug: SPF: query for [EMAIL PROTECTED]/65.25.151.66/dhcp065-025-151-066.columbus.rr.com: result: pass, comment: Please see http://spf.pobox.com/why.html? sender=7ezyeljg%40toothpick.net&ip=65.25.151.66&receiver=eclectic.kluge.net $ host -t txt toothpick.net toothpick.net text "v=spf1 mx ptr all" invalid spf -- allows all. doh. (sent [EMAIL PROTECTED] a note about that...) debug: SPF: checking HELO (helo=turkey.mail.pas.earthlink.net, ip=207.217.120.126) debug: SPF: trimmed HELO down to 'earthlink.net' debug: SPF: query for /207.217.120.126/earthlink.net: result: pass, comment: Please see http:// spf.pobox.com/why.html?sender=earthlink.net&ip=207.217.120.126&receiver=eclectic.kluge.net: 207.217.120.0/23 contains 207.217.120.126 Wow. Earthlink does SPF. Sweet. Unfortunately, valid hit: $ host -t txt earthlink.net earthlink.net text "v=spf1 ip4:207.217.120.0/23 ip4:207.69.200.0/24 ip4:209.86.89.0/24 ?all" SPF_HELO_FAIL ... 2 ham hits, both valid ham, both from the same place: debug: SPF: checking HELO (helo=mkt11.verticalresponse.com, ip=209.66.113.66) debug: SPF: trimmed HELO down to 'verticalresponse.com' debug: SPF: query for /209.66.113.66/verticalresponse.com: result: fail, comment: Please see http:// spf.pobox.com/why.html?sender=verticalresponse.com&ip=209.66.113.66&receiver=eclectic.kluge.net $ host -t txt verticalresponse.com verticalresponse.com text "v=spf1 a mx a:www2 a:www a:outbound a:corpmail.verticalresponse.com a: mkt1 a:mkt2 a:mkt3 a:mkt4 a:mkt5 a:mkt6 a:mkt7 a:mkt8 a:m" "kt9 a:mkt10 a:mkt11 a:mkt12 a:mkt14 a:mkt15 a:mkt16 a:mkt17 a:mkt18 a:mkt19 a:mkt20 a:mkt21 a:mkt22 a:mkt23 a:mkt24 a:mkt25 a:m" "kt13 -all" the mail is from mkt11, but I think these are invalid -- they should be a:fqdn, not a:hostname. /me checks SPF draft ... yeah. section 4.4 specifies it's "domain-spec", which gets macro expanded then is treated as "target-name", which if it's not an fqdn won't work. so... invalid SPF record, again. <grrr> ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
