Curious that SPF_FAIL is reported...

X-Spam-Report:
    *  1.9 TVD_RCVD_IP TVD_RCVD_IP
    *  3.2 FH_DATE_PAST_20XX The date is grossly in the future.
    *  1.5 FROM_STARTS_WITH_NUMS From: starts with many numbers
    *  1.9 DATE_IN_FUTURE_06_12 Date: is 6 to 12 hours after Received: date
    *  0.7 SPF_FAIL SPF: sender does not match SPF record (fail)
    *      [SPF failed: Please see



$ host -t TXT freecycle.org
freecycle.org descriptive text "v=spf1 mx ip4:66.249.5.32 a:mailers.freecycle.org ~all"

So MX records, 66.249.5.32 and mailers.freecycle.org are permitted.

$ host -t MX freecycle.org
freecycle.org mail is handled by 10 mail.freecycle.org.

$ host  mail.freecycle.org
mail.freecycle.org has address 209.208.102.2

$ host mailers.freecycle.org
mailers.freecycle.org has address 94.102.151.10
mailers.freecycle.org has address 94.102.157.234
mailers.freecycle.org has address 95.172.20.138
mailers.freecycle.org has address 95.172.20.170
mailers.freecycle.org has address 209.40.195.67
mailers.freecycle.org has address 209.208.102.2
mailers.freecycle.org has address 66.249.5.27
mailers.freecycle.org has address 66.249.5.32
mailers.freecycle.org has address 66.249.5.33
mailers.freecycle.org has address 66.249.23.110
mailers.freecycle.org has address 67.223.226.47
mailers.freecycle.org has address 67.223.248.208
mailers.freecycle.org has address 67.223.252.100
mailers.freecycle.org has address 77.92.68.91
mailers.freecycle.org has address 77.92.72.179
mailers.freecycle.org has address 77.92.72.180
mailers.freecycle.org has address 83.170.113.10


$ host bulkmail2.freecycle.org
bulkmail2.freecycle.org has address 95.172.20.170

bulkmail2.freecycle.org is a permitted sender; it's listed under
mailers.freecycle.org.

However, this email was from "bounces.freecycle.org" and it needs an SPF
record as well.

$ host -t TXT bounces.freecycle.org
bounces.freecycle.org descriptive text "v=spf1 include:freecycle.org -all"

bounces.freecycle.org does not have an A record, but its IP address,
95.172.20.170, is listed above in mailers.freecycle.org and also as
bulkmail2.freecycle.org.

Wonder why it failed?

Oh, wait a minute...

Envelope-to: myn...@exemail.com.au
Delivery-date: Tue, 16 Mar 2010 17:51:22 +1100
Received: from 146.2.233.220.static.exetel.com.au ([220.233.2.146]
helo=mscip02.mailsentry.net.au)
    by chestnut2.exetel.com.au with esmtp (Exim 4.68)
    (envelope-from <post-1601702-2890...@bounces.freecycle.org>)
    id 1NrQcc-0000PC-Us
    for myn...@exemail.com.au; Tue, 16 Mar 2010 17:51:22 +1100
Received: from bulkmail2.freecycle.org ([95.172.20.170])
  by mscip02.mailsentry.net.au with ESMTP; 16 Mar 2010 17:51:21 +1100
Received: from localhost ([127.0.0.1] helo=freecycle.org)
    by bulkmail2.freecycle.org with esmtp (Exim 4.69)

Was this a forwarded email? From mscip02.mailsentry.net.au to
chestnut2.exetel.com.au? I don't think you can apply an SPF check after
it's been forwarded.

-lee

Mark Martinec wrote:
> Phill,
>
>> def_whitelist_from_rcvd *...@posts.freecycle.org posts.freecycle.org
>
>> Received: from bulkmail2.freecycle.org ([95.172.20.170])
>>   by mscip02.mailsentry.net.au with ESMTP; 16 Mar 2010 17:51:21 +1100
>> From: "frances.dejong" <2890...@posts.freecycle.org>
>
>> Can anyone explain why the whitelist entry isn't preventing this from
>> being tagged as spam?
>
> posts.freecycle.org != bulkmail2.freecycle.org
>
>   Mark
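
The forwarding effect raised in the message above, as an added example that is not part of the original post: a simplified SPF evaluator (mx, a, ip4, include and all only) run offline over the DNS answers quoted in the message, once for the IP bulkmail2.freecycle.org connected from and once for the relay IP that chestnut2.exetel.com.au saw. The function names, the `HOPS` table and the shortened A list are assumptions made for the illustration.

```python
import ipaddress

# DNS answers copied from the host output quoted in the message (the A list for
# mailers.freecycle.org is shortened to three of the addresses shown); offline.
TXT = {
    "freecycle.org": "v=spf1 mx ip4:66.249.5.32 a:mailers.freecycle.org ~all",
    "bounces.freecycle.org": "v=spf1 include:freecycle.org -all",
}
MX = {"freecycle.org": ["mail.freecycle.org"]}
A = {
    "mail.freecycle.org": ["209.208.102.2"],
    "mailers.freecycle.org": ["95.172.20.170", "66.249.5.32", "209.208.102.2"],
}
RESULT = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
# Connecting IP at each hop, taken from the Received: headers in the message.
HOPS = [("bulkmail2.freecycle.org", "95.172.20.170"),
        ("mscip02.mailsentry.net.au", "220.233.2.146")]

def check_host(ip, domain):
    """Simplified RFC 7208 check_host(): mx, a, ip4, include and all only."""
    record = TXT.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in RESULT else "+"
        mech, _, arg = term.lstrip("+-~?").partition(":")
        if mech == "all":
            matched = True
        elif mech == "ip4":
            matched = addr in ipaddress.ip_network(arg, strict=False)
        elif mech == "a":
            matched = ip in A.get(arg or domain, [])
        elif mech == "mx":
            matched = any(ip in A.get(h, []) for h in MX.get(arg or domain, []))
        elif mech == "include":
            # include matches only when the included policy returns "pass"
            matched = check_host(ip, arg) == "pass"
        else:
            return "permerror"
        if matched:
            return RESULT[qualifier]
    return "neutral"

def spf_by_hop(envelope_from, hops):
    """Evaluate the same envelope sender against each hop's connecting IP."""
    domain = envelope_from.rsplit("@", 1)[1]
    return {name: check_host(ip, domain) for name, ip in hops}
```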
