Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

SPF Problem

1,444 views
Skip to first unread message

Rubens Lehmann

unread,
Feb 25, 2013, 1:56:28 PM2/25/13
to

Hi,

 

We have a simple SPF rule working for years:

Header field contains "Received-SPF: fail"

 

Lately, messages from one of our costumers are being blocked, because one of it's internal servers has a fail SPF.

 

Headers looks like this:

 

Return-Path: <som...@external.com>

Received: from mail2.external.com ([XXX.XXX.XXX.XXX] verified)

  by myserver.com (CommuniGate Pro)

  with ESMTP id 11017521 for m...@myserver.com; Fri, 15 Feb 2013 17:23:17 -0200

Received-SPF: pass

receiver=myserver.com; client-ip=YYY.YYY.YYY.YYY; envelope-from=som...@external.com

Received-SPF: None (SMTP Server Ready: no sender authenticity

  information available from domain of

  som...@external.com) identity=pra;

  client-ip=10.209.64.184; receiver=SMTP Server Ready;

  envelope-from="som...@external.com";

  x-sender="som...@external.com";

  x-conformance=sidf_compatible

Received-SPF: Fail (SMTP Server Ready: domain of

  som...@external.com does not designate 10.209.64.184 as

  permitted sender) identity=mailfrom; client-ip=10.209.64.184;

  receiver=SMTP Server Ready;

  envelope-from="som...@external.com";

  x-sender="som...@external.com";

  x-conformance=sidf_compatible; x-record-type="v=spf1"

Received-SPF: None (SMTP Server Ready: no sender authenticity

  information available from domain of

  postm...@C02L08VM05.mM.intranet) identity=helo;

  client-ip=10.209.64.184; receiver=SMTP Server Ready;

  envelope-from="som...@external.com";

  x-sender="postm...@C02L08VM05.mm.intranet";

  x-conformance=sidf_compatible

Received: from c02l08vm05.mm.intranet ([10.209.64.184])

  by mail2.external.com with ESMTP; 15 Feb 2013 17:20:49 -0200

Received: from C02L08VM04.mm.intranet ([fe80::9d58:c99f:f30c:15be]) by

C02L08VM05.mm.intranet ([::1]) with mapi id 14.01.0218.012; Fri, 15 Feb 2013

17:20:48 -0200

From: Someone External <som...@external.com>

To: "m...@myserver.com" <m...@myserver.com>

Subject: Test

 

It's possible to check only the last SPF? Any other ideas on how to solve that?

 

Thank you very much,

 

Rubens

 

Technical Support, Stalker Labs

unread,
Feb 25, 2013, 4:59:06 PM2/25/13
to
Hello,
Sorry, no. The rule condition checks all headers.
You can check the specific headers only from an external filtering helper.

> Any other ideas on how to solve that?

You can add "Header Field doesn't contain Received-SPF: pass" as
additional check. However the sender may include this header in advance
so your actual SPF failure won't be processed.

> Thank you very much,
>
> Rubens
>


--
Sincerely,
Roman
=======================================================================
When answering to letters sent to you by the tech.support staff, make
sure the original message you have received is included into your reply.

#############################################################
This message is sent to you because you are subscribed to
the mailing list <CGat...@mail.stalker.com>.
To unsubscribe, E-mail to: <CGateP...@mail.stalker.com>
To switch to the DIGEST mode, E-mail to <CGatePr...@mail.stalker.com>
To switch to the INDEX mode, E-mail to <CGatePr...@mail.stalker.com>
Send administrative queries to <CGatePro...@mail.stalker.com>

jaga...@gmail.com

unread,
Jan 20, 2015, 1:46:46 AM1/20/15
to
Hi
I am getting the below message how can resolve this.

Received: from mx3.dfw1.rackspace.com (10.7.9.75) by smtpout.rackspace.com
(10.12.120.25) with Microsoft SMTP Server id 14.3.123.3; Mon, 19 Jan 2015
08:32:20 -0600
Received-SPF: None (mx3.dfw1.rackspace.com: no sender
authenticity information available from domain of
apa...@host.example.com) identity=mailfrom;
client-ip=127.0.0.1 ; receiver=mx3.dfw1.rackspace.com;
envelope-from="apa...@host.example.com";
x-sender="apa...@host.example.com";
x-conformance=spf_only
Received-SPF: None (mx3.dfw1.rackspace.com: no sender
authenticity information available from domain of
postm...@host.example.com) identity=helo;
client-ip=127.0.0.1 ; receiver=mx3.dfw1.rackspace.com;
envelope-from="apa...@host.example.com";
x-sender="postm...@host.example.com";
x-conformance=spf_only
X-SBRS: None
X-SenderGroup: SUSPECTLIST-HIGH
X-MailFlowPolicy: $THROTTLED-HIGH
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ak9GAPAUvVQyOH5E/2dsb2JhbABBGoMGAVGD
Received: from host.example.com ([127.0.0.1 ]) by
mx3.dfw1.rackspace.com with ESMTP; 19 Jan 2015 08:32:20 -0600
Received: by host.example.com (Postfix, from userid 48) id
9A80DB0161; Mon, 19 Jan 2015 09:32:19 -0500 (EST)
To: <user@@rackspace.com>
Subject: =?UTF-8?B?V2VsY29tZSB0byBSZWFsVGVsbGlnZW5jZQ==?=
X-PHP-Originating-Script: 0:UserModule.php
Content-Type: text/plain
Message-ID: <d9c3cc...@ORD1EXH01.RACKSPACE.CORP>
From: <apa...@host.example.com>
Return-Path: apa...@host.example.com
Date: Mon, 19 Jan 2015 08:32:20 -0600
X-MS-Exchange-Organization-AuthSource: ORD1EXH01.RACKSPACE.CORP
X-MS-Exchange-Organization-AuthAs: Anonymous
MIME-Version: 1.0

Thanks in advance.
0 new messages