Re: SPF Relay

[Gino Cerullo]

Unless you post real domains it is very difficult to help with SPF questions. Since we cannot query your DNS, we can't determine whether there are errors in the SPF record.    On 5-Aug-06, at 4:29 PM, Benu <[EMAIL PROTECTED]> wrote: I need help also, I am seeing the same messages. In /etc/mail/spamassassin/local.cf clear_internal_networks trusted_networks        127.0.0.1 my.ip.adr internal_networks       127.0.0.1 ====================================== I performed the following test: perl -MMail::SPF::Query -le 'print for Mail::SPF::Query->new(helo=>shift,  ipv4=>shift, sender=>shift)->result' ns.domain.net ip.add.res  [EMAIL PROTECTED] It returns: none SPF: domain of sender [EMAIL PROTECTED] does not designate mailers host.domain.net: domain of [EMAIL PROTECTED] does not designate  permitted sender hosts This is stating there is no SPF record for the domain 'smtpd.domain.net.' Since you didn't post a real domain I cannot confirm if this is correct. ============================================== A SPF Check from the internet reports: SPF lookup of sender [EMAIL PROTECTED] from IP my.ip.adr: SPF string used: v=spf2 a ip4:my.ip.adr mx:smtpd.domain.net -all  exp=getlost.domain.net. Processing SPF string: v=spf2 a ip4:my.ip.adr mx:smtpd.domain.net -all  exp=getlost.domain.net. Testing 'a' on IP=my.ip.adr, target domain domain.net, CIDR 32, default=PASS.   No match. Testing 'ip4:my.ip.adr' on IP=my.ip.adr, target domain my.ip.adr, CIDR 32,  default=PASS.  MATCH! Testing 'mx:smtpd.domain.net' on IP=my.ip.adr, target domain smtpd.domain.net,  CIDR 32, default=PASS.   Testing 'all' on IP=my.ip.adr, target domain domain.net, CIDR 32,  default=FAIL.   Testing 'exp=getlost.domain.net' on IP=my.ip.adr, target domain domain.net,  CIDR 32, default=PASS.   Looking up TXT record for getlost.domain.net. Got explanation: "Not authorized to send mail for the domain". Result: PASS ============================================= What do I need to change? Thanks Here you show a report for the domain 'domain.net.' This is not the same as the domain 'smtpd.domain.net' as far as SPF is concerned, smtpd.domain.net,' must have its own SPF record.  Merely including 'mx:smtpd.domain.net' in the record for 'domain.net' does not mean 'smtpd.domain.net' has an SPF record or that it is cover by the record of 'domain.net' -- Gino Cerullo Pixel Point Studios 21 Chesham Drive Toronto, ON  M3M 1W6 T: 416-247-7740 F: 416-247-7503