The message is sent from [EMAIL PROTECTED] to [EMAIL PROTECTED]
but shows up with no SPF information. Are you saying that the SPF
records are supposed to be published along with the sending mail
server's A record instead of with the domain? Like if the MX for
channing-bete.com was smtp.channing-bete.com, then the SPF record should
be returned from "dig smtp.channing-bete.com txt" and not "dig
channing-bete.com txt"? This seems quite off from how gmail, yahoo, aol,
microsoft, etc systems are publishing their records. So who's right? Did
the draft standard change?
This seemingly used to work so nicely! Can I swap back my
SpamAssassin/Plugins/SPF.pm from SA 3.0.4?
As requested, here's the header from a message sent from
[EMAIL PROTECTED] to [EMAIL PROTECTED] Notice the lack of SPF
tags, positive or negative, while gmail.com supposedly supports SPF.
Received: from spam.channing-bete.com ([10.1.200.40]) by sxgen01.dclb
with Microsoft SMTPSVC(6.0.3790.211);
Wed, 28 Sep 2005 19:30:26 -0400
Received: from smtp.channing-bete.com (smtp.channing-bete.com [10.1.200.36])
by spam.channing-bete.com (8.13.1/8.13.1) with ESMTP id j8SNUK4s027770
for <[EMAIL PROTECTED]>; Wed, 28 Sep 2005 19:30:20 -0400
Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.194])
by smtp.channing-bete.com (8.13.1/8.13.1) with ESMTP id j8SNUEcu009571
for <[EMAIL PROTECTED]>; Wed, 28 Sep 2005 19:30:14 -0400
Received: by wproxy.gmail.com with SMTP id i31so34974wra
for <[EMAIL PROTECTED]>; Wed, 28 Sep 2005 16:30:13 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=beta; d=gmail.com;
h=received:message-id:date:from:user-agent:x-accept-language:mime-version:to:subject:content-type;
b=TqqEs8f1rd7hHxPdlueZld3eXiPU18zTv63O2i0mn5c9NQRRT5kJgpbdsDphJPyAC+tmxdDFXIlpjBizGEdFjPiKXk595iZ5HqJMWpobjBFImKdK+aZFYhWVqkPg8CRqW0ToBtNnRQSJNyrnFzbwdU99xoKZsU8xVYcVCOzNplo=
Received: by 10.54.122.14 with SMTP id u14mr195815wrc;
Wed, 28 Sep 2005 16:30:13 -0700 (PDT)
Received: from ?192.0.0.11? ( [67.20.144.224])
by mx.gmail.com with ESMTP id g7sm326139wra.2005.09.28.16.30.13;
Wed, 28 Sep 2005 16:30:13 -0700 (PDT)
Message-ID: <[EMAIL PROTECTED]>
Date: Wed, 28 Sep 2005 19:29:55 -0400
From: Ben Lentz <[EMAIL PROTECTED]>
User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Ben Lentz <[EMAIL PROTECTED]>
Subject: test
Content-Type: multipart/alternative;
boundary="------------060908000300050900050601"
X-Antivirus: Scanned by Vexira Antivirus 1.1.4
X-Spam-Flag: NO
X-Scanned-By: milter-spamc/0.25.321 (spam.channing-bete.com
[10.1.200.40]); Wed, 28 Sep 2005 19:30:24 -0400
X-Spam-Status: NO, hits=0.00 required=4.00
X-Spam-Level:
X-Spam-Report: Content preview: test test [...]
____
Content analysis details: (0.0 points, 4.0 required)
____
pts rule name description
---- ----------------------
--------------------------------------------------
0.0 DK_SIGNED Domain Keys: message has an unverified signature
-0.0 DK_VERIFIED Domain Keys: signature passes verification
0.0 HTML_MESSAGE BODY: HTML included in message
____
Return-Path: [EMAIL PROTECTED]
X-OriginalArrivalTime: 28 Sep 2005 23:30:26.0881 (UTC)
FILETIME=[9B384310:01C5C484]
----- Original Message -----
*From:* "Daryl C. W. O'Shea" <[EMAIL PROTECTED]>
*Sent:* 09/28/2005 6:21:01 PM -0400
*To:* Ben Lentz <[EMAIL PROTECTED]>
*Cc:* users@spamassassin.apache.org
*Subject:* SPF and Upgrade to SA3.1
Ben Lentz wrote:
Is my testing of gmail's information faulty? What has changed between
3.0.4 and 3.1.0 SPF-wise that would cause SPF to stop working?
What's changed? SPF_HELO_* checks are now correctly done -- against
host names and not registered domains.
I think we -- correctly -- stopped stripping the sender's
(return-path) domain down too.
Any examples you provide need to at least include the return-path
address and preferrably the raw headers.
Daryl
