On 6-Aug-06, at 9:54 PM, Benu wrote:
On Sunday 06 August 2006 14:07, you wrote:
On 6-Aug-06, at 2:36 PM, Benu wrote:
On Sunday 06 August 2006 09:39, you wrote:
Unless you post real domains it is very difficult to help with SPF
questions. Since we cannot query your DNS, we can't determine
whether
there are errors in the SPF record.
http://www.dnsreport.com/tools/spf.ch?server=ted%
40teesa.net&ip=66.15.198.88
SPF Information for 66.15.198.88
SPF lookup of sender [EMAIL PROTECTED] from IP 66.15.198.88:
SPF string used: v=spf2 a ip4:66.15.198.88 mx:smtpd.teesa.net -all
exp=getlost.teesa.net.
Processing SPF string: v=spf2 a ip4:66.15.198.88 mx:smtpd.teesa.net
-all
exp=getlost.teesa.net.
Testing 'a' on IP=66.15.198.88, target domain teesa.net, CIDR 32,
default=PASS. No match.
Testing 'ip4:66.15.198.88' on IP=66.15.198.88, target domain
66.15.198.88,
CIDR 32, default=PASS. MATCH!
Testing 'mx:smtpd.teesa.net' on IP=66.15.198.88, target domain
smtpd.teesa.net, CIDR 32, default=PASS.
Testing 'all' on IP=66.15.198.88, target domain teesa.net, CIDR 32,
default=FAIL.
Testing 'exp=getlost.teesa.net' on IP=66.15.198.88, target domain
teesa.net,
CIDR 32, default=PASS.
Looking up TXT record for getlost.teesa.net.
Got explanation: "Not authorized to send mail for the domain".
Result: PASS
On 5-Aug-06, at 4:29 PM, Benu <[EMAIL PROTECTED]> wrote:
I need help also, I am seeing the same messages.
In /etc/mail/spamassassin/local.cf
clear_internal_networks
trusted_networks 127.0.0.1 my.ip.adr
internal_networks 127.0.0.1
======================================
I performed the following test:
perl -MMail::SPF::Query -le 'print for Mail::SPF::Query->new
(helo=>shift,
ipv4=>shift, sender=>shift)->result' ns.domain.net ip.add.res
[EMAIL PROTECTED]
It returns:
none
SPF: domain of sender [EMAIL PROTECTED] does not designate
mailers
host.domain.net: domain of [EMAIL PROTECTED] does not
designate
permitted sender hosts
This is stating there is no SPF record for the domain
'smtpd.domain.net.' Since you didn't post a real domain I cannot
confirm if this is correct.
==============================================
A SPF Check from the internet reports:
SPF lookup of sender [EMAIL PROTECTED] from IP my.ip.adr:
SPF string used: v=spf2 a ip4:my.ip.adr mx:smtpd.domain.net -all
exp=getlost.domain.net.
Processing SPF string: v=spf2 a ip4:my.ip.adr mx:smtpd.domain.net
-all
exp=getlost.domain.net.
Testing 'a' on IP=my.ip.adr, target domain domain.net, CIDR 32,
default=PASS.
No match.
Testing 'ip4:my.ip.adr' on IP=my.ip.adr, target domain my.ip.adr,
CIDR 32,
default=PASS. MATCH!
Testing 'mx:smtpd.domain.net' on IP=my.ip.adr, target domain
smtpd.domain.net,
CIDR 32, default=PASS.
Testing 'all' on IP=my.ip.adr, target domain domain.net, CIDR 32,
default=FAIL.
Testing 'exp=getlost.domain.net' on IP=my.ip.adr, target domain
domain.net,
CIDR 32, default=PASS.
Looking up TXT record for getlost.domain.net.
Got explanation: "Not authorized to send mail for the domain".
Result: PASS
=============================================
What do I need to change?
Thanks
Here you show a report for the domain 'domain.net.' This is not the
same as the domain 'smtpd.domain.net' as far as SPF is concerned,
smtpd.domain.net,' must have its own SPF record.
Merely including 'mx:smtpd.domain.net' in the record for
'domain.net'
does not mean 'smtpd.domain.net' has an SPF record or that it is
cover by the record of 'domain.net'
The test you show above shows a PASS. Which test gave you a problem?
--
Gino Cerullo
Pixel Point Studios
21 Chesham Drive
Toronto, ON M3M 1W6
T: 416-247-7740
F: 416-247-7503
This fails:
perl -MMail::SPF::Query -le 'print for Mail::SPF::Query->new
(helo=>shift,
ipv4=>shift, sender=>shift)->result' smtpd.teesa.net 66.15.198.88
[EMAIL PROTECTED]
none
SPF: domain of sender [EMAIL PROTECTED] does not designate mailers
victoria.teesa.net: domain of [EMAIL PROTECTED] does not designate
permitted
sender hosts
and spamassassin --lint --debug complains:
[22361] dbg: plugin: registering glue method for check_hashcash_value
(Mail::SpamAssassin::Plugin::Hashcash=HASH(0xab22624))
[22361] dbg: eval: all '*To' addrs:
[22361] dbg: plugin: registering glue method for check_for_spf_neutral
(Mail::SpamAssassin::Plugin::SPF=HASH(0xaaeece4))
[22361] dbg: spf: no suitable relay for spf use found, skipping SPF
check
[22361] dbg: plugin: registering glue method for
check_for_spf_softfail
(Mail::SpamAssassin::Plugin::SPF=HASH(0xaaeece4))
[22361] dbg: rules: ran eval rule NO_RELAYS ======> got hit
[22361] dbg: plugin: registering glue method for check_for_spf_pass
(Mail::SpamAssassin::Plugin::SPF=HASH(0xaaeece4))
[22361] dbg: plugin: registering glue method for
check_for_spf_helo_softfail
(Mail::SpamAssassin::Plugin::SPF=HASH(0xaaeece4))
[22361] dbg: plugin: registering glue method for
check_for_def_spf_whitelist_from
(Mail::SpamAssassin::Plugin::SPF=HASH(0xaaeece4))
[22361] dbg: spf: cannot get Envelope-From, cannot use SPF
[22361] dbg: spf: def_spf_whitelist_from: could not find useable
envelope
sender
Your SPF record has an error in it.
"v=spf2 a ip4:66.15.198.88 mx:smtpd.teesa.net -all
exp=getlost.teesa.net"
It should be:
"v=spf1 a ip4:66.15.198.88 mx:smtpd.teesa.net -all
exp=getlost.teesa.net"
v=spf2 is not correct, it should be v=spf1
It seems the tool at dnsreports.com doesn't see the error and parses
the record but all the other tools I tried ignore the SPF record as
they should.
--
Gino Cerullo
Pixel Point Studios
21 Chesham Drive
Toronto, ON M3M 1W6
T: 416-247-7740
F: 416-247-7503
