SPF not working
SPF not working
Hi,
I noticed that all my incoming mails for all domains (about 100) have the same SPF score by spamassassin:
0.01 T_SPF_HELO_PERMERROR SPF: test of HELO record failed (permerror)
0.01 T_SPF_PERMERROR SPF: test of record failed (permerror)
I have setup a domain with a SPF record for fail but still got the same score.
Does anybody know how to check what is going wrong?
Thanks,
Roger
I noticed that all my incoming mails for all domains (about 100) have the same SPF score by spamassassin:
0.01 T_SPF_HELO_PERMERROR SPF: test of HELO record failed (permerror)
0.01 T_SPF_PERMERROR SPF: test of record failed (permerror)
I have setup a domain with a SPF record for fail but still got the same score.
Does anybody know how to check what is going wrong?
Thanks,
Roger
Re: SPF not working
Check your SPF record is correct
https://vamsoft.com/support/tools/spf-syntax-validator
Have you an example of the one of the domains?
https://vamsoft.com/support/tools/spf-syntax-validator
Have you an example of the one of the domains?
Re: SPF not working
Yep,
That was it. I changed the domainname for its IP address but forgot to change the a: to ip4:
However the score for SPF fail is 0. Can I just put :
score SPF_FAIL 0 0 0 3.50
score SPF_SOFTFAIL 0 0 0 1.50
score SPF_HELO_FAIL 0 0 0 1.00
score SPF_HELO_SOFTFAIL 0 0 0 0.50
In local.cf to overrule the default score?
Thanks,
Roger
That was it. I changed the domainname for its IP address but forgot to change the a: to ip4:
However the score for SPF fail is 0. Can I just put :
score SPF_FAIL 0 0 0 3.50
score SPF_SOFTFAIL 0 0 0 1.50
score SPF_HELO_FAIL 0 0 0 1.00
score SPF_HELO_SOFTFAIL 0 0 0 0.50
In local.cf to overrule the default score?
Thanks,
Roger
Re: SPF not working
To answer my own question. Yes it does
Thanks Thewomble
Thanks Thewomble
Re: SPF not working
Hi,
Does SPF check work for you?
It does not seems to work for me at all.
I tried to add score SPF lines to local.cf also, restarted mailscanner,
but when a mail arrives from an IP, which is not in the SPF record of the sender domain
and it has SPF_FAIL set (also checked on vmasoft.com) the mail still goes through
and do not get any point for SPF.
Regards,
Andras
Does SPF check work for you?
It does not seems to work for me at all.
I tried to add score SPF lines to local.cf also, restarted mailscanner,
but when a mail arrives from an IP, which is not in the SPF record of the sender domain
and it has SPF_FAIL set (also checked on vmasoft.com) the mail still goes through
and do not get any point for SPF.
Regards,
Andras
Re: SPF not working
If you get a failed spf check, what do you want the system to do exactly? Increase the spam score, or drop it all together?
What is your SPF record setting? In particular the "all" setting, is it:
+all
-all
~all
or ?all
What is your SPF record setting? In particular the "all" setting, is it:
+all
-all
~all
or ?all
Re: SPF not working
I just figured it out.
You need to put this at the end of
/etc/mail/spamassassin/local.cf file:
ifplugin Mail::SpamAssassin::Plugin::SPF
score SPF_FAIL 0 0 0 9.50
score SPF_SOFTFAIL 0 0 0 7.50
score SPF_HELO_FAIL 0 0 0 1.00
score SPF_HELO_SOFTFAIL 0 0 0 0.50
endif # Mail::SpamAssassin::Plugin::SPF
(Points are to your liking.)
Regards, Andras
You need to put this at the end of
/etc/mail/spamassassin/local.cf file:
ifplugin Mail::SpamAssassin::Plugin::SPF
score SPF_FAIL 0 0 0 9.50
score SPF_SOFTFAIL 0 0 0 7.50
score SPF_HELO_FAIL 0 0 0 1.00
score SPF_HELO_SOFTFAIL 0 0 0 0.50
endif # Mail::SpamAssassin::Plugin::SPF
(Points are to your liking.)
Regards, Andras
Re: SPF not working
Nicely done. I didn't think that ifplugin command was necessary, but apparently it is.
Re: SPF not working
I tried this in my configuration file, but still gets the following points:hiandras wrote: ↑19 Sep 2017 14:04 I just figured it out.
You need to put this at the end of
/etc/mail/spamassassin/local.cf file:
ifplugin Mail::SpamAssassin::Plugin::SPF
score SPF_FAIL 0 0 0 9.50
score SPF_SOFTFAIL 0 0 0 7.50
score SPF_HELO_FAIL 0 0 0 1.00
score SPF_HELO_SOFTFAIL 0 0 0 0.50
endif # Mail::SpamAssassin::Plugin::SPF
(Points are to your liking.)
Regards, Andras
0.73 SPF_HELO_SOFTFAIL SPF: HELO does not match SPF record (softfail)
0.67 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
the ifplugin line differs from the example (I added SPF at the end)
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit::SPF
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: SPF not working
Umm " Mail::SpamAssassin::Plugin::Shortcircuit::SPF" is not a plugin
Mail::SpamAssassin::Plugin::Shortcircuit is a plugin, and
Mail::SpamAssassin::Plugin::SPF is a plugin
I think you need to put in your own ifplugin block here and leave Shortcircuit alone.
Mail::SpamAssassin::Plugin::Shortcircuit is a plugin, and
Mail::SpamAssassin::Plugin::SPF is a plugin
I think you need to put in your own ifplugin block here and leave Shortcircuit alone.
Re: SPF not working
I tried adding the above settings to local.cf but when I receive an email from gmail I got this info:
0.01 T_SPF_HELO_TEMPERROR SPF: test of HELO record failed (temperror)
0.01 T_SPF_TEMPERROR SPF: test of record failed (temperror)
I get this info on every email I receive. Seems SPF is not working for some reason.
So what I set up earlier isn't working anymore
Could this be a DNS problem? The server is on a local network.
0.01 T_SPF_HELO_TEMPERROR SPF: test of HELO record failed (temperror)
0.01 T_SPF_TEMPERROR SPF: test of record failed (temperror)
I get this info on every email I receive. Seems SPF is not working for some reason.
So what I set up earlier isn't working anymore
Could this be a DNS problem? The server is on a local network.
Re: SPF not working
Ok,
I tried it on a existing nonspam email:
spamassassin -D < /var/spool/MailScanner/quarantine/20171106/nonspam/527E9C00CF.AE751 2>&1 | grep -i spf
and got this:
Nov 6 18:06:40.550 [14269] dbg: spf: checking to see if the message has a Received-SPF header that we can use
Nov 6 18:06:40.574 [14269] dbg: spf: using Mail::SPF for SPF checks
Nov 6 18:06:40.575 [14269] dbg: spf: checking HELO (helo=spring-chicken-bk.twitter.com, ip=199.16.156.176)
Nov 6 18:06:40.577 [14269] dbg: spf: query for /199.16.156.176/spring-chicken-bk.twitter.com: result: temperror, comment: , text: 'REFUSED' error on DNS 'TXT' lookup of 'spring-chicken-bk.twitter.com'
Nov 6 18:06:40.619 [14269] dbg: spf: already checked for Received-SPF headers, proceeding with DNS based checks
Nov 6 18:06:40.619 [14269] dbg: spf: cannot get Envelope-From, cannot use SPF
Nov 6 18:06:40.622 [14269] dbg: rules: ran eval rule T_SPF_HELO_TEMPERROR ======> got hit (1)
Nov 6 18:06:40.624 [14269] dbg: spf: def_spf_whitelist_from: already checked spf and didn't get pass, skipping whitelist check
Nov 6 18:06:40.626 [14269] dbg: spf: whitelist_from_spf: already checked spf and didn't get pass, skipping whitelist check
seems that a dns lookup failed. Not sure why. I tried a few other mails and they all get "refused"
I tried it on a existing nonspam email:
spamassassin -D < /var/spool/MailScanner/quarantine/20171106/nonspam/527E9C00CF.AE751 2>&1 | grep -i spf
and got this:
Nov 6 18:06:40.550 [14269] dbg: spf: checking to see if the message has a Received-SPF header that we can use
Nov 6 18:06:40.574 [14269] dbg: spf: using Mail::SPF for SPF checks
Nov 6 18:06:40.575 [14269] dbg: spf: checking HELO (helo=spring-chicken-bk.twitter.com, ip=199.16.156.176)
Nov 6 18:06:40.577 [14269] dbg: spf: query for /199.16.156.176/spring-chicken-bk.twitter.com: result: temperror, comment: , text: 'REFUSED' error on DNS 'TXT' lookup of 'spring-chicken-bk.twitter.com'
Nov 6 18:06:40.619 [14269] dbg: spf: already checked for Received-SPF headers, proceeding with DNS based checks
Nov 6 18:06:40.619 [14269] dbg: spf: cannot get Envelope-From, cannot use SPF
Nov 6 18:06:40.622 [14269] dbg: rules: ran eval rule T_SPF_HELO_TEMPERROR ======> got hit (1)
Nov 6 18:06:40.624 [14269] dbg: spf: def_spf_whitelist_from: already checked spf and didn't get pass, skipping whitelist check
Nov 6 18:06:40.626 [14269] dbg: spf: whitelist_from_spf: already checked spf and didn't get pass, skipping whitelist check
seems that a dns lookup failed. Not sure why. I tried a few other mails and they all get "refused"
Re: SPF not working
Ok, after changing my primary nameserver on the EFA server to another nameserver it started working again:
spamassassin -D < /var/spool/MailScanner/quarantine/20171106/nonspam/527E9C00CF.AE751 2>&1 | grep -i spf
Nov 6 18:18:37.451 [17813] dbg: spf: checking to see if the message has a Received-SPF header that we can use
Nov 6 18:18:37.471 [17813] dbg: spf: using Mail::SPF for SPF checks
Nov 6 18:18:37.471 [17813] dbg: spf: checking HELO (helo=spring-chicken-bk.twitter.com, ip=199.16.156.176)
Nov 6 18:18:37.478 [17813] dbg: spf: query for /199.16.156.176/spring-chicken-bk.twitter.com: result: none, comment: , text: No applicable sender policy available
Nov 6 18:18:37.537 [17813] dbg: spf: already checked for Received-SPF headers, proceeding with DNS based checks
Nov 6 18:18:37.537 [17813] dbg: spf: cannot get Envelope-From, cannot use SPF
Nov 6 18:18:37.541 [17813] dbg: spf: def_spf_whitelist_from: already checked spf and didn't get pass, skipping whitelist check
Nov 6 18:18:37.543 [17813] dbg: spf: whitelist_from_spf: already checked spf and didn't get pass, skipping whitelist check
spamassassin -D < /var/spool/MailScanner/quarantine/20171106/nonspam/527E9C00CF.AE751 2>&1 | grep -i spf
Nov 6 18:18:37.451 [17813] dbg: spf: checking to see if the message has a Received-SPF header that we can use
Nov 6 18:18:37.471 [17813] dbg: spf: using Mail::SPF for SPF checks
Nov 6 18:18:37.471 [17813] dbg: spf: checking HELO (helo=spring-chicken-bk.twitter.com, ip=199.16.156.176)
Nov 6 18:18:37.478 [17813] dbg: spf: query for /199.16.156.176/spring-chicken-bk.twitter.com: result: none, comment: , text: No applicable sender policy available
Nov 6 18:18:37.537 [17813] dbg: spf: already checked for Received-SPF headers, proceeding with DNS based checks
Nov 6 18:18:37.537 [17813] dbg: spf: cannot get Envelope-From, cannot use SPF
Nov 6 18:18:37.541 [17813] dbg: spf: def_spf_whitelist_from: already checked spf and didn't get pass, skipping whitelist check
Nov 6 18:18:37.543 [17813] dbg: spf: whitelist_from_spf: already checked spf and didn't get pass, skipping whitelist check