I would like to up my SPF game a bit and provide feedback to those who don't have a misconfigured SPF record. I have enabled debugging and only see an action of prepending the AR header.
postfix-3.0.5-1.el6.x86_64
python-pyspf-2.0.11-1.el6.noarch
/etc/python-policyd-spf/policyd-spf.conf
debugLevel = 5
defaultSeedOnly = 1
HELO_reject = False
Mail_From_reject = Fail
No_Mail = False
PermError_reject = True
TempError_Defer = False
skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1
Whitelist = 96.4.1.0/26,96.5.1.0/26
Header_Type = AR
Dec 14 10:21:30 mr3 policyd-spf[33206]: Starting
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "request=smtpd_access_policy"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "protocol_state=RCPT"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "protocol_name=SMTP"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "client_address=129.176.115.3"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "client_name=ropebs021a.mayo.edu"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "client_port=32657"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "reverse_client_name=ropebs021a.mayo.edu"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "helo_name=listmanager.mayoclinic.com"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "sender=bounce-16651308-108450563@listmanager.mayoclinic.com"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "recipient=Jbrandon@example.com"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "recipient_count=0"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "queue_id="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "instance=8139.5a32a50a.b16c8.0"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "size=0"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "etrn_domain="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "stress="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "sasl_method="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "sasl_username="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "sasl_sender="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "ccert_subject="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "ccert_issuer="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "ccert_fingerprint="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "ccert_pubkey_fingerprint="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "encryption_protocol="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "encryption_cipher="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "encryption_keysize=0"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: ""
Dec 14 10:21:30 mr3 policyd-spf[33206]: Found the end of entry
Dec 14 10:21:30 mr3 policyd-spf[33206]: Config: {'Mail_From_reject': 'Fail', 'Void_Limit': 2, 'Header_Type': 'AR', 'No_Mail': 'False', 'PermError_reject': 'True', 'Lookup_Time': 20, 'Authserv_Id': 'smtp4n.ena.net', 'defaultSeedOnly': 1, 'debugLevel': 5, 'skip_addresses': '127.0.0.0/8,::ffff:127.0.0.0/104,::1', 'HELO_reject': 'False', 'Whitelist': '96.4.1.0/26,96.5.1.0/26', 'TempError_Defer': 'False'}
Dec 14 10:21:30 mr3 policyd-spf[33206]: Cached data for this instance: []
Dec 14 10:21:30 mr3 policyd-spf[33206]: spfcheck: pyspf result: "['Permerror', 'SPF Permanent Error: Unknown mechanism found: -all;', 'helo']"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Permerror; identity=helo; client-ip=129.176.115.3; helo=listmanager.mayoclinic.com; envelope-from=bounce-16651308-108450563@listmanager.mayoclinic.com; receiver=jbrandon@example.com
Dec 14 10:21:30 mr3 policyd-spf[33206]: Header type: AR; Authres ID (for AR): smtp4n.ena.net
Dec 14 10:21:30 mr3 policyd-spf[33206]: spfcheck: pyspf result: "['Permerror', 'SPF Permanent Error: Unknown mechanism found: -all;', 'mailfrom']"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Permerror; identity=mailfrom; client-ip=129.176.115.3; helo=listmanager.mayoclinic.com; envelope-from=bounce-16651308-108450563@listmanager.mayoclinic.com; receiver=jbrandon@example.com
Dec 14 10:21:30 mr3 policyd-spf[33206]: Action: prepend: Text: Authentication-Results: smtp4n.ena.net; spf=permerror (SPF Permanent Error: Unknown mechanism found: -all;) smtp.mailfrom=listmanager.mayoclinic.com (client-ip=129.176.115.3; helo=listmanager.mayoclinic.com; envelope-from=bounce-16651308-108450563@listmanager.mayoclinic.com; receiver=jbrandon@example.com)
How do I get the action above to reject instead of adding a header?
Thanks,
Dave
-------------------------------------------
Sender Policy Framework: http://www.openspf.net [http://www.openspf.net]
Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]
Archives: https://www.listbox.com/member/archive/1007/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1007/1311533-9e42a648
Modify Your Subscription: https://www.listbox.com/member/?member_id=1311533&id_secret=1311533-d322f1f1
Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=1311533&id_secret=1311533-d59c80a0&post_id=20171214114528:2EE7C12E-E0EE-11E7-BD33-B265945AA1FE
Powered by Listbox: http://www.listbox.com
postfix-3.0.5-1.el6.x86_64
python-pyspf-2.0.11-1.el6.noarch
/etc/python-policyd-spf/policyd-spf.conf
debugLevel = 5
defaultSeedOnly = 1
HELO_reject = False
Mail_From_reject = Fail
No_Mail = False
PermError_reject = True
TempError_Defer = False
skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1
Whitelist = 96.4.1.0/26,96.5.1.0/26
Header_Type = AR
Dec 14 10:21:30 mr3 policyd-spf[33206]: Starting
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "request=smtpd_access_policy"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "protocol_state=RCPT"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "protocol_name=SMTP"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "client_address=129.176.115.3"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "client_name=ropebs021a.mayo.edu"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "client_port=32657"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "reverse_client_name=ropebs021a.mayo.edu"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "helo_name=listmanager.mayoclinic.com"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "sender=bounce-16651308-108450563@listmanager.mayoclinic.com"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "recipient=Jbrandon@example.com"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "recipient_count=0"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "queue_id="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "instance=8139.5a32a50a.b16c8.0"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "size=0"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "etrn_domain="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "stress="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "sasl_method="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "sasl_username="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "sasl_sender="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "ccert_subject="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "ccert_issuer="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "ccert_fingerprint="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "ccert_pubkey_fingerprint="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "encryption_protocol="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "encryption_cipher="
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: "encryption_keysize=0"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Read line: ""
Dec 14 10:21:30 mr3 policyd-spf[33206]: Found the end of entry
Dec 14 10:21:30 mr3 policyd-spf[33206]: Config: {'Mail_From_reject': 'Fail', 'Void_Limit': 2, 'Header_Type': 'AR', 'No_Mail': 'False', 'PermError_reject': 'True', 'Lookup_Time': 20, 'Authserv_Id': 'smtp4n.ena.net', 'defaultSeedOnly': 1, 'debugLevel': 5, 'skip_addresses': '127.0.0.0/8,::ffff:127.0.0.0/104,::1', 'HELO_reject': 'False', 'Whitelist': '96.4.1.0/26,96.5.1.0/26', 'TempError_Defer': 'False'}
Dec 14 10:21:30 mr3 policyd-spf[33206]: Cached data for this instance: []
Dec 14 10:21:30 mr3 policyd-spf[33206]: spfcheck: pyspf result: "['Permerror', 'SPF Permanent Error: Unknown mechanism found: -all;', 'helo']"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Permerror; identity=helo; client-ip=129.176.115.3; helo=listmanager.mayoclinic.com; envelope-from=bounce-16651308-108450563@listmanager.mayoclinic.com; receiver=jbrandon@example.com
Dec 14 10:21:30 mr3 policyd-spf[33206]: Header type: AR; Authres ID (for AR): smtp4n.ena.net
Dec 14 10:21:30 mr3 policyd-spf[33206]: spfcheck: pyspf result: "['Permerror', 'SPF Permanent Error: Unknown mechanism found: -all;', 'mailfrom']"
Dec 14 10:21:30 mr3 policyd-spf[33206]: Permerror; identity=mailfrom; client-ip=129.176.115.3; helo=listmanager.mayoclinic.com; envelope-from=bounce-16651308-108450563@listmanager.mayoclinic.com; receiver=jbrandon@example.com
Dec 14 10:21:30 mr3 policyd-spf[33206]: Action: prepend: Text: Authentication-Results: smtp4n.ena.net; spf=permerror (SPF Permanent Error: Unknown mechanism found: -all;) smtp.mailfrom=listmanager.mayoclinic.com (client-ip=129.176.115.3; helo=listmanager.mayoclinic.com; envelope-from=bounce-16651308-108450563@listmanager.mayoclinic.com; receiver=jbrandon@example.com)
How do I get the action above to reject instead of adding a header?
Thanks,
Dave
-------------------------------------------
Sender Policy Framework: http://www.openspf.net [http://www.openspf.net]
Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]
Archives: https://www.listbox.com/member/archive/1007/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1007/1311533-9e42a648
Modify Your Subscription: https://www.listbox.com/member/?member_id=1311533&id_secret=1311533-d322f1f1
Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=1311533&id_secret=1311533-d59c80a0&post_id=20171214114528:2EE7C12E-E0EE-11E7-BD33-B265945AA1FE
Powered by Listbox: http://www.listbox.com