Curious that SPF_FAIL is reported... X-Spam-Report: * 1.9 TVD_RCVD_IP TVD_RCVD_IP * 3.2 FH_DATE_PAST_20XX The date is grossly in the future. * 1.5 FROM_STARTS_WITH_NUMS From: starts with many numbers * 1.9 DATE_IN_FUTURE_06_12 Date: is 6 to 12 hours after Received: date * 0.7 SPF_FAIL SPF: sender does not match SPF record (fail) * [SPF failed: Please see
$ host -t TXT freecycle.org freecycle.org descriptive text "v=spf1 mx ip4:66.249.5.32 a:mailers.freecycle.org ~all" so mx records, 66.249.5.32 and mailers.freecycle.org are permitted. $ host -t MX freecycle.org freecycle.org mail is handled by 10 mail.freecycle.org. $ host mail.freecycle.org mail.freecycle.org has address 209.208.102.2 $ host mailers.freecycle.org mailers.freecycle.org has address 94.102.151.10 mailers.freecycle.org has address 94.102.157.234 mailers.freecycle.org has address 95.172.20.138 mailers.freecycle.org has address 95.172.20.170 mailers.freecycle.org has address 209.40.195.67 mailers.freecycle.org has address 209.208.102.2 mailers.freecycle.org has address 66.249.5.27 mailers.freecycle.org has address 66.249.5.32 mailers.freecycle.org has address 66.249.5.33 mailers.freecycle.org has address 66.249.23.110 mailers.freecycle.org has address 67.223.226.47 mailers.freecycle.org has address 67.223.248.208 mailers.freecycle.org has address 67.223.252.100 mailers.freecycle.org has address 77.92.68.91 mailers.freecycle.org has address 77.92.72.179 mailers.freecycle.org has address 77.92.72.180 mailers.freecycle.org has address 83.170.113.10 $ host bulkmail2.freecycle.org bulkmail2.freecycle.org has address 95.172.20.170 bulkmail2.freecycle.org is a permitted sender, it's listed under mailers.freecycle.org. however, this email was from "bounces.freecycle.org" and it needs an SPF record as well. $ host -t TXT bounces.freecycle.org bounces.freecycle.org descriptive text "v=spf1 include:freecycle.org -all" bounces.freecycle.org does not have an A record but it's ip address, 95.172.20.170, is listed above in mailers.freecycle.org and also as bulkmail2.freecycle.org. Wonder why it failed? oh wait a minute.. Envelope-to: myn...@exemail.com.au Delivery-date: Tue, 16 Mar 2010 17:51:22 +1100 Received: from 146.2.233.220.static.exetel.com.au ([220.233.2.146] helo=mscip02.mailsentry.net.au) by chestnut2.exetel.com.au with esmtp (Exim 4.68) (envelope-from <post-1601702-2890...@bounces.freecycle.org>) id 1NrQcc-0000PC-Us for myn...@exemail.com.au; Tue, 16 Mar 2010 17:51:22 +1100 Received: from bulkmail2.freecycle.org ([95.172.20.170]) by mscip02.mailsentry.net.au with ESMTP; 16 Mar 2010 17:51:21 +1100 Received: from localhost ([127.0.0.1] helo=freecycle.org) by bulkmail2.freecycle.org with esmtp (Exim 4.69) was this a forwarded email? from mscip02.mailsentry.net.au to chestnut2.exetel.com.au? I don't think you can apply an SPF check after it's been forwarded. -lee Mark Martinec wrote: > Phill, > > >> def_whitelist_from_rcvd *...@posts.freecycle.org posts.freecycle.org >> > > >> Received: from bulkmail2.freecycle.org ([95.172.20.170]) >> by mscip02.mailsentry.net.au with ESMTP; 16 Mar 2010 17:51:21 +1100 >> From: "frances.dejong" <2890...@posts.freecycle.org> >> > > >> Can anyone explain why the whitelist entry isn't preventing this from >> being tagged as spam? >> > > posts.freecycle.org != bulkmail2.freecycle.org > > Mark >