Facebook
Twitter
U
Uki Puki
Guest
I'm facing a lot of issues related to spam. In my own opinion it's because of spf.
Currently I'm using plesk 9.2.1. My spf is setup by plesk panel with fallowing parameters:
- bounce for neutral
- spfguess: spf1 a/24 mx/24 ptr
- all my domains have configured spf entry in dns (and it's proper - checked by external tool)
When I'm trying to send some dummy message from different host I’m getting something like this in my maillog:
May 7 23:13:10 quicksilver spf filter[320]: Starting spf filter...
May 7 23:13:10 quicksilver spf filter[320]: Error code: (2) Could not find a valid SPF record
May 7 23:13:10 quicksilver spf filter[320]: Failed to query guess rules: Could not find a valid SPF record near 'spf1 a/24 mx'
May 7 23:13:10 quicksilver spf filter[320]: SPF result: neutral
May 7 23:13:10 quicksilver spf filter[320]: SPF status: PASS
Email was send from host A.com using [email protected] to my [email protected] (where C.com is one of my domains).
1) B.com has it’s own spf value and it's not matching with A.com so this sould be discarded at first point.
2) Anyway it goes to second step and it's using guess mode to determinate host but it also fails (A.com host is different than B.com host).
3) As you can see in log unfortunately it's passing such emails.
For a time being I thought that it's a meter of this how spf is checking host - I don't know if it's using some system command to determinate this? but also in logs I can see a lot of records like:
May 7 07:06:34 quicksilver relaylock: /var/qmail/bin/relaylock: mail from 84.205.231.248:20889 (host-84-205-231-248.cpe.syzefxis.ote.gr)
What should mean in fact that somehow this spf works for some records.
Can anyone suggest something on this? Frankly speaking I have no idea ;/
Currently I'm using plesk 9.2.1. My spf is setup by plesk panel with fallowing parameters:
- bounce for neutral
- spfguess: spf1 a/24 mx/24 ptr
- all my domains have configured spf entry in dns (and it's proper - checked by external tool)
When I'm trying to send some dummy message from different host I’m getting something like this in my maillog:
May 7 23:13:10 quicksilver spf filter[320]: Starting spf filter...
May 7 23:13:10 quicksilver spf filter[320]: Error code: (2) Could not find a valid SPF record
May 7 23:13:10 quicksilver spf filter[320]: Failed to query guess rules: Could not find a valid SPF record near 'spf1 a/24 mx'
May 7 23:13:10 quicksilver spf filter[320]: SPF result: neutral
May 7 23:13:10 quicksilver spf filter[320]: SPF status: PASS
Email was send from host A.com using [email protected] to my [email protected] (where C.com is one of my domains).
1) B.com has it’s own spf value and it's not matching with A.com so this sould be discarded at first point.
2) Anyway it goes to second step and it's using guess mode to determinate host but it also fails (A.com host is different than B.com host).
3) As you can see in log unfortunately it's passing such emails.
For a time being I thought that it's a meter of this how spf is checking host - I don't know if it's using some system command to determinate this? but also in logs I can see a lot of records like:
May 7 07:06:34 quicksilver relaylock: /var/qmail/bin/relaylock: mail from 84.205.231.248:20889 (host-84-205-231-248.cpe.syzefxis.ote.gr)
What should mean in fact that somehow this spf works for some records.
Can anyone suggest something on this? Frankly speaking I have no idea ;/
