On 3 Dec 2015, at 9:36, Joe Quinn wrote:
On 12/3/2015 9:23 AM, Jari Fredriksson wrote:
On 3.12.2015 16.11, Kevin A. McGrail wrote:
You are using KAM.cf which isn't a project ruleset.
Please report the issue and a spample at
https://raptor.pccc.com/raptor.cgim?template=report_problem
We can likely look at it quickly and adjust. However, the fact that
SPF
failed makes me lean towards the fact that the rule fired
correctly...
Regards,
KAM
There seems to be something in the spf detection. SPF claims that
paypal is not allowed (by their sfp record) to send mail via my email
relay. That relay IS in my trusted_networks. What am I missing now?
br. jarif
Probably this bug, which we are still working out a good solution for:
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7182
The SPF RFC has a "MUST" constraint on 10 lookups per SPF check, which
Paypal has broken before. The reasoning given is resistance to denial
of service attacks via DNS traffic, which makes it a tricky fix. We'll
discuss the KAM.cf issue privately, and bring it back on-list in dev@
if it comes back to new information on this issue.
Not in this case. Note that the URL in the SPF_FAIL line indicates
emea.e.paypal.com as the sender domain. Not a complex record.
