On 11/06/18 10:20, Reindl Harald wrote:
Am 11.06.2018 um 10:57 schrieb Sebastian Arcus:
On 11/06/18 09:39, Matus UHLAR - fantomas wrote:
On 11.06.18 08:56, Sebastian Arcus wrote:
I am running SA 4.0.0-r1823176 on Perl 5.26.2. On a number of domains
I administer, outbound mail triggers the SPF_HELO_FAIL rule - but the
regular SPF check passes. I am struggling to see why this is
happening, as the HELO name is set to the same value as the name of
the server/dns name, it has rDNS - and it clearly passes during the
regular SPF check - but not the SPF_HELO check. I have re-checked the
domain settings at mxtoolbox.com - and there doesn't seem to be any
problem. Any ideas please?
do users use SMTP authentication?
Messages submitted over SMTP are authenticated. Other messages are
generated locally on the sending server and passed on the command line
to Exim. All messages hit SPF_HELO_FAIL
Is that visible in headers?
I'm not really sure. Which bit of the headers should contain the
authentication data?
look if exim has a similar feature
http://www.postfix.org/postconf.5.html#smtpd_sasl_authenticated_header
My question is, is this header a requirement? Both servers at both ends
are configured by me, so I know the smtp submission is authenticated. Is
the SPF check at the receiving end supposed to fail if it can't find a
specific header showing the authenticated user at the sending end? What
is the connection between SPF HELO checks at the receiving server, and
the user which is submitting the message to the sending server? I'm not
really following I'm afraid - but I could be missing the point.
