A
AndreZ
Guest
I have a domain that has a correct SPF record in TXT. (v=spf1 ip4:*myip* -all)
This is proven to be correct due to several tests with
http://www.kitterman.com/spf/validate.html
as well as
spfquery from command line
But when an email with an invalid sender is received it will be treated as neutral:
Received-SPF: neutral (*snap*: *snap2* is neither permitted nor denied by domain of *snap3*) client-ip=*snap2*; envelope-from=rz@*snap3*; helo=blubtest;
*snap3* is the domain with the correct SPF record.
If I test it with spfquery it returns a fail to me.
So I sniffed my network connection and saw that my server does not only check the TXT record of *snap3* when an email is recieved. There is also a DNS packet right after the *snap3*-DNS-TXT-request to spf.trusted-forwarder.org which results in "?all".
=> that overrides my '-all' and everything is neutral, right? (Or not? If I test -all ?all this online tester still fails :\)
Why the does it check spf.trusted-forwarder.org ? And isn't it useless to provide an '?all' SPF record?
In plesk there is this server-wide local spf rules field. I have blanked it out
=> same issue.
I entered include:trusted-forwarder.org to see if that matters. Yes: Now I have 3 DNS-TXT-Requests foreach email. Firstly *snap3* then trusted-forwarder.org and finally spf.trusted-forwarder.org.
I have searched all /etc/* files for the word 'spf.trusted-forwarder.org'
=> no match
In PRODUCT_ROOT_D is nothing too.
Is there any place where this behavior is configured? Or has this something todo with that bool 'trusted' parameter of the perl SPF::Query?
Currently I am really frustrated. At the time I'm running a
root@host:/ # grep -r -i trusted-forwarder.org * > result.txt
in a screen session.
Maybe there is nothing new to report tomorrow. ^^
I have Plesk 9.2.3 running. I have a SpamAssassin license.
I switched from Postfix to QMail due to the well known "queue file write error" plesk-bug.
I switched as advised with the plesk script.
I think there are more people out there having the same issue:
http://forum.parallels.com/showthread.php?t=92236
http://forum.parallels.com/showthread.php?t=88381
No responses there yet. I try it here with some more information.
This is proven to be correct due to several tests with
http://www.kitterman.com/spf/validate.html
as well as
spfquery from command line
But when an email with an invalid sender is received it will be treated as neutral:
Received-SPF: neutral (*snap*: *snap2* is neither permitted nor denied by domain of *snap3*) client-ip=*snap2*; envelope-from=rz@*snap3*; helo=blubtest;
*snap3* is the domain with the correct SPF record.
If I test it with spfquery it returns a fail to me.
So I sniffed my network connection and saw that my server does not only check the TXT record of *snap3* when an email is recieved. There is also a DNS packet right after the *snap3*-DNS-TXT-request to spf.trusted-forwarder.org which results in "?all".
=> that overrides my '-all' and everything is neutral, right? (Or not? If I test -all ?all this online tester still fails :\)
Why the does it check spf.trusted-forwarder.org ? And isn't it useless to provide an '?all' SPF record?
In plesk there is this server-wide local spf rules field. I have blanked it out
=> same issue.
I entered include:trusted-forwarder.org to see if that matters. Yes: Now I have 3 DNS-TXT-Requests foreach email. Firstly *snap3* then trusted-forwarder.org and finally spf.trusted-forwarder.org.
I have searched all /etc/* files for the word 'spf.trusted-forwarder.org'
=> no match
In PRODUCT_ROOT_D is nothing too.
Is there any place where this behavior is configured? Or has this something todo with that bool 'trusted' parameter of the perl SPF::Query?
Currently I am really frustrated. At the time I'm running a
root@host:/ # grep -r -i trusted-forwarder.org * > result.txt
in a screen session.
Maybe there is nothing new to report tomorrow. ^^
I have Plesk 9.2.3 running. I have a SpamAssassin license.
I switched from Postfix to QMail due to the well known "queue file write error" plesk-bug.
I switched as advised with the plesk script.
I think there are more people out there having the same issue:
http://forum.parallels.com/showthread.php?t=92236
http://forum.parallels.com/showthread.php?t=88381
No responses there yet. I try it here with some more information.