Hello
I am new to SPF and i install exim with SPF supports.
After the install i add the following line in the rcpt acl of my exim configuration
file
deny message = $sender_host_address is not allowed to send mail from
$sender_address_domain
log_message = SPF check failded
spf = fail
This configuration can permit to test a fail forgery attemps from domains wich publish
SPF records.(example aol.com)
A furgery aol mail from host 41.207.177.17 to my server give this error
"SPF result is unknown (permanent error) (7)"
**** SMTP testing session as if from host 41.207.177.17
**** but without any ident (RFC 1413) callback.
**** This is not for real!
>>> host in hosts_connection_nolog? no (option unset)
>>> host in host_lookup? yes (matched "*")
>>> looking up host name for 41.207.177.17
>>> IP address lookup yielded mail.togotel.net.tg
>>> alias tgt1.togotel.net.tg
>>> alias quota.togotel.net.tg
mail >>> gethostbyname looked up these IP addresses:
>>> name=mail.togotel.net.tg address=41.207.177.17
>>> checking addresses for mail.togotel.net.tg
>>> 41.207.177.17 OK
>>> name=tgt1.togotel.net.tg address=41.207.177.17
>>> checking addresses for tgt1.togotel.net.tg
>>> 41.207.177.17 OK
>>> name=quota.togotel.net.tg address=41.207.177.17
>>> checking addresses for quota.togotel.net.tg
>>> 41.207.177.17 OK
>>> host in host_reject_connection? no (option unset)
>>> host in sender_unqualified_hosts? no (option unset)
>>> host in recipient_unqualified_hosts? no (option unset)
>>> host in helo_verify_hosts? no (option unset)
>>> host in helo_try_verify_hosts? no (option unset)
>>> host in helo_accept_junk_hosts? no (option unset)
220 annuaire.trstech.net ESMTP Exim 4.68 Mon, 14 Jul 2008 19:09:20 +0000
mail from: sam@aol.com
501 mail from: sam@aol.com: missing or malformed local part (expected word or "<")
quit
221 annuaire.trstech.net closing connection
[root@annuaire ~]# /usr/exim/bin/exim -bh 41.207.177.17
**** SMTP testing session as if from host 41.207.177.17
**** but without any ident (RFC 1413) callback.
**** This is not for real!
>>> host in hosts_connection_nolog? no (option unset)
>>> host in host_lookup? yes (matched "*")
>>> looking up host name for 41.207.177.17
>>> IP address lookup yielded tgt1.togotel.net.tg
>>> alias quota.togotel.net.tg
>>> alias mail.togotel.net.tg
>>> gethostbyname looked up these IP addresses:
>>> name=tgt1.togotel.net.tg address=41.207.177.17
>>> checking addresses for tgt1.togotel.net.tg
>>> 41.207.177.17 OK
>>> gethostbyname looked up these IP addresses:
>>> name=quota.togotel.net.tg address=41.207.177.17
>>> checking addresses for quota.togotel.net.tg
>>> 41.207.177.17 OK
>>> gethostbyname looked up these IP addresses:
>>> name=mail.togotel.net.tg address=41.207.177.17
>>> checking addresses for mail.togotel.net.tg
>>> 41.207.177.17 OK
>>> host in host_reject_connection? no (option unset)
>>> host in sender_unqualified_hosts? no (option unset)
>>> host in recipient_unqualified_hosts? no (option unset)
>>> host in helo_verify_hosts? no (option unset)
>>> host in helo_try_verify_hosts? no (option unset)
>>> host in helo_accept_junk_hosts? no (option unset)
220 annuaire.trstech.net ESMTP Exim 4.68 Mon, 14 Jul 2008 19:09:52 +0000
mail from: sam@aol.com
250 OK
rcpt to: geek@annuaire.trstech.net
>>> using ACL "acl_check_rcpt"
>>> processing "accept"
>>> check hosts = :
>>> host in ":"? no (end of list)
>>> accept: condition test failed
>>> processing "deny"
>>> check domains = +local_domains
>>> annuaire.trstech.net in "annuaire.trstech.net"? yes
(matched "annuaire.trstech.net")
>>> annuaire.trstech.net in "+local_domains"? yes (matched "+local_domains")
>>> check local_parts = ^[.] : ^.*[@%!/|]
>>> geek in "^[.] : ^.*[@%!/|]"? no (end of list)
>>> deny: condition test failed
>>> processing "deny"
>>> check domains = !+local_domains
>>> annuaire.trstech.net in "!+local_domains"? no (matched "!+local_domains" - cached)
>>> deny: condition test failed
>>> processing "accept"
>>> check local_parts = postmaster
>>> geek in "postmaster"? no (end of list)
>>> accept: condition test failed
>>> processing "require"
>>> check verify = sender
>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>> routing sam@aol.com
>>> aol.com in "annuaire.trstech.net"? no (end of list)
>>> aol.com in "! +local_domains"? yes (end of list)
>>> calling dnslookup router
>>> 64.12.137.89 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.138.120 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.249.91 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.252.17 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.138.153 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.109.56 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.156.248 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.159.57 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.139.249 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.159.216 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.138.57 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.138.88 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> routed by dnslookup router
>>> ----------- end verify ------------
>>> require: condition test succeeded
>>> processing "accept"
>>> check hosts = +relay_from_hosts
>>> host in "127.0.0.1"? no (end of list)
>>> host in "+relay_from_hosts"? no (end of list)
>>> accept: condition test failed
>>> processing "accept"
>>> check authenticated = *
>>> accept: condition test failed
>>> processing "require"
>>> check domains = +local_domains : +relay_to_domains
>>> annuaire.trstech.net in "+local_domains : +relay_to_domains"? yes
(matched "+local_domains" - cached)
>>> require: condition test succeeded
>>> processing "require"
>>> check verify = recipient
>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>> routing geek@annuaire.trstech.net
>>> annuaire.trstech.net in "! +local_domains"? no (matched "! +local_domains" -
cached)
>>> calling system_aliases router
>>> system_aliases router declined for geek@annuaire.trstech.net
>>> calling localuser router
>>> routed by localuser router
>>> ----------- end verify ------------
>>> require: condition test succeeded
>>> processing "deny"
>>> check spf = fail
>>> SPF result is unknown (permanent error) (7)
>>> deny: condition test failed
>>> processing "accept"
>>> accept: condition test succeeded
250 Accepted
Any help in order to resolve this problem will be appreciated.
--sam
--
TRS - Technologies Reseaux & Solutions (http://www.trstech.net)
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
I am new to SPF and i install exim with SPF supports.
After the install i add the following line in the rcpt acl of my exim configuration
file
deny message = $sender_host_address is not allowed to send mail from
$sender_address_domain
log_message = SPF check failded
spf = fail
This configuration can permit to test a fail forgery attemps from domains wich publish
SPF records.(example aol.com)
A furgery aol mail from host 41.207.177.17 to my server give this error
"SPF result is unknown (permanent error) (7)"
**** SMTP testing session as if from host 41.207.177.17
**** but without any ident (RFC 1413) callback.
**** This is not for real!
>>> host in hosts_connection_nolog? no (option unset)
>>> host in host_lookup? yes (matched "*")
>>> looking up host name for 41.207.177.17
>>> IP address lookup yielded mail.togotel.net.tg
>>> alias tgt1.togotel.net.tg
>>> alias quota.togotel.net.tg
mail >>> gethostbyname looked up these IP addresses:
>>> name=mail.togotel.net.tg address=41.207.177.17
>>> checking addresses for mail.togotel.net.tg
>>> 41.207.177.17 OK
>>> name=tgt1.togotel.net.tg address=41.207.177.17
>>> checking addresses for tgt1.togotel.net.tg
>>> 41.207.177.17 OK
>>> name=quota.togotel.net.tg address=41.207.177.17
>>> checking addresses for quota.togotel.net.tg
>>> 41.207.177.17 OK
>>> host in host_reject_connection? no (option unset)
>>> host in sender_unqualified_hosts? no (option unset)
>>> host in recipient_unqualified_hosts? no (option unset)
>>> host in helo_verify_hosts? no (option unset)
>>> host in helo_try_verify_hosts? no (option unset)
>>> host in helo_accept_junk_hosts? no (option unset)
220 annuaire.trstech.net ESMTP Exim 4.68 Mon, 14 Jul 2008 19:09:20 +0000
mail from: sam@aol.com
501 mail from: sam@aol.com: missing or malformed local part (expected word or "<")
quit
221 annuaire.trstech.net closing connection
[root@annuaire ~]# /usr/exim/bin/exim -bh 41.207.177.17
**** SMTP testing session as if from host 41.207.177.17
**** but without any ident (RFC 1413) callback.
**** This is not for real!
>>> host in hosts_connection_nolog? no (option unset)
>>> host in host_lookup? yes (matched "*")
>>> looking up host name for 41.207.177.17
>>> IP address lookup yielded tgt1.togotel.net.tg
>>> alias quota.togotel.net.tg
>>> alias mail.togotel.net.tg
>>> gethostbyname looked up these IP addresses:
>>> name=tgt1.togotel.net.tg address=41.207.177.17
>>> checking addresses for tgt1.togotel.net.tg
>>> 41.207.177.17 OK
>>> gethostbyname looked up these IP addresses:
>>> name=quota.togotel.net.tg address=41.207.177.17
>>> checking addresses for quota.togotel.net.tg
>>> 41.207.177.17 OK
>>> gethostbyname looked up these IP addresses:
>>> name=mail.togotel.net.tg address=41.207.177.17
>>> checking addresses for mail.togotel.net.tg
>>> 41.207.177.17 OK
>>> host in host_reject_connection? no (option unset)
>>> host in sender_unqualified_hosts? no (option unset)
>>> host in recipient_unqualified_hosts? no (option unset)
>>> host in helo_verify_hosts? no (option unset)
>>> host in helo_try_verify_hosts? no (option unset)
>>> host in helo_accept_junk_hosts? no (option unset)
220 annuaire.trstech.net ESMTP Exim 4.68 Mon, 14 Jul 2008 19:09:52 +0000
mail from: sam@aol.com
250 OK
rcpt to: geek@annuaire.trstech.net
>>> using ACL "acl_check_rcpt"
>>> processing "accept"
>>> check hosts = :
>>> host in ":"? no (end of list)
>>> accept: condition test failed
>>> processing "deny"
>>> check domains = +local_domains
>>> annuaire.trstech.net in "annuaire.trstech.net"? yes
(matched "annuaire.trstech.net")
>>> annuaire.trstech.net in "+local_domains"? yes (matched "+local_domains")
>>> check local_parts = ^[.] : ^.*[@%!/|]
>>> geek in "^[.] : ^.*[@%!/|]"? no (end of list)
>>> deny: condition test failed
>>> processing "deny"
>>> check domains = !+local_domains
>>> annuaire.trstech.net in "!+local_domains"? no (matched "!+local_domains" - cached)
>>> deny: condition test failed
>>> processing "accept"
>>> check local_parts = postmaster
>>> geek in "postmaster"? no (end of list)
>>> accept: condition test failed
>>> processing "require"
>>> check verify = sender
>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>> routing sam@aol.com
>>> aol.com in "annuaire.trstech.net"? no (end of list)
>>> aol.com in "! +local_domains"? yes (end of list)
>>> calling dnslookup router
>>> 64.12.137.89 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.138.120 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.249.91 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.252.17 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.138.153 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.109.56 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.156.248 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.159.57 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.139.249 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.159.216 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.138.57 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.138.88 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> routed by dnslookup router
>>> ----------- end verify ------------
>>> require: condition test succeeded
>>> processing "accept"
>>> check hosts = +relay_from_hosts
>>> host in "127.0.0.1"? no (end of list)
>>> host in "+relay_from_hosts"? no (end of list)
>>> accept: condition test failed
>>> processing "accept"
>>> check authenticated = *
>>> accept: condition test failed
>>> processing "require"
>>> check domains = +local_domains : +relay_to_domains
>>> annuaire.trstech.net in "+local_domains : +relay_to_domains"? yes
(matched "+local_domains" - cached)
>>> require: condition test succeeded
>>> processing "require"
>>> check verify = recipient
>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>> routing geek@annuaire.trstech.net
>>> annuaire.trstech.net in "! +local_domains"? no (matched "! +local_domains" -
cached)
>>> calling system_aliases router
>>> system_aliases router declined for geek@annuaire.trstech.net
>>> calling localuser router
>>> routed by localuser router
>>> ----------- end verify ------------
>>> require: condition test succeeded
>>> processing "deny"
>>> check spf = fail
>>> SPF result is unknown (permanent error) (7)
>>> deny: condition test failed
>>> processing "accept"
>>> accept: condition test succeeded
250 Accepted
Any help in order to resolve this problem will be appreciated.
--sam
--
TRS - Technologies Reseaux & Solutions (http://www.trstech.net)
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com