Feeling sheepish
It was my solaris sendmail pkg removal and reinstall of our own pkg that
caused the problem as suspected. It was the /etc/init.d/sendmail script
that I had not got back to what was needed. In particular when I first
adjusted /etc/init.d/sendmail for the sendmail-milter-spf-1.41.pl I read
the bit about
'include:local-forwarders'
and adjusted the entry. When I recreated the script I was rushing and just
copied and pasted the line from the script. After a few "write_log"
additions to sendmail-milter-spf-1.41.pl I found my error.
live and learn.
BB
on Fri, Aug 13, 2004 at 05:28:48PM +1000, Broun, Bevan <brounb@adi-limited.com> wrote:
> Hi Koen, thanks for answering. Im pulling my hair out here.
>
> > Did you run dig & spfquery on the same box that is doing the checks??
>
> Yes.
>
> > And the obvious question: what has changed since the time it worked and
> > the time it didn't?
>
> This is a solaris 8 host. What I think is this: I compiled a new solaris
> (on a different box) and installed over the top of the solaris sendmail.
> Then we tested and everything was working. We decided to uninstall the
> solaris sendmail packages (there are two) so as not to get our own sendmain
> pkg overwritten by recommended patches. This removed files from /etc/mail
> (but I had that backed up) and the /etc/init.d/sendmail script (which I
> think is back to what I had).
>
> Then I reinstalled our sendmail pkg and replaced the /etc/mail directory.
> Im thinking that there is a permission problem perhaps.
>
> Currently Im adding write_log lines in sendmail-milter-spf-1.41.pl to see
> whats going on. It looks like sendmail is definitely using the milter but
> it's getting the "unknown" result, which would suggest sendmail is perhaps
> not passing the ip and email address to the milter.
>
> Do you know how to get more logging out of that milter (without editing
> code)
>
> Ive got to get this going tonight.
>
> Thanks
>
> BB
>
>
> >
> > Koen
> >
> > On Fri, Aug 13, 2004 at 04:44:04PM +1000, Broun, Bevan wrote:
> > > Im using the perl implementation
> > >
> > > spfquery gives the correct result:
> > >
> > > spfquery: domain of test@adi-limited.com does not designate 203.20.101.19
> > > as permitted sender
> > >
> > > thanks
> > >
> > > BB
> > >
> > > on Fri, Aug 13, 2004 at 03:40:17PM +1000, Broun, Bevan <brounb@adi-limited.com> wrote:
> > > > I had spf working in my test environment. It was working very nicely
> > > > rejecting forged mail. I cant figure out what's wrong now, Im getting
> > > >
> > > > Milter add: header: Received-SPF: unknown (hyperion.adi-limited.com:
> > > > error in processing during lookup of test@adi-limited.com)
> > > >
> > > > Note: that this is a test lab. Dont look up internet records for
> > > > adi-limited.com. In the lab Ive got from dig:
> > > >
> > > > ;; ANSWER SECTION:
> > > > adi-limited.com. 10800 IN TXT "v=spf1 a:hyperion.adi-limited.com -all"
> > > >
> > > > Im testing via telnet to port 25 - I am expecting to be getting rejected.
> > > >
> > > > help
> > > >
> > > > BB
> > > >
> > > > -------
> > > > Archives at http://archives.listbox.com/spf-help/current/
> > > > Donate! http://spf.pobox.com/donations.html
> > > > To unsubscribe, change your address, or temporarily deactivate your subscription,
> > > > please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
> > >
> > > -------
> > > Archives at http://archives.listbox.com/spf-help/current/
> > > Donate! http://spf.pobox.com/donations.html
> > > To unsubscribe, change your address, or temporarily deactivate your subscription,
> > > please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
> >
> > --
> > K.F.J. Martens, Sonologic, http://www.sonologic.nl/
> > Networking, embedded systems, unix expertise, artificial intelligence.
> > Public PGP key: http://www.metro.cx/pubkey-gmc.asc
> > Wondering about the funny attachment your mail program
> > can't read? Visit http://www.openpgp.org/
> >
> > -------
> > Archives at http://archives.listbox.com/spf-help/current/
> > Donate! http://spf.pobox.com/donations.html
> > To unsubscribe, change your address, or temporarily deactivate your subscription,
> > please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your subscription,
> please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
It was my solaris sendmail pkg removal and reinstall of our own pkg that
caused the problem as suspected. It was the /etc/init.d/sendmail script
that I had not got back to what was needed. In particular when I first
adjusted /etc/init.d/sendmail for the sendmail-milter-spf-1.41.pl I read
the bit about
'include:local-forwarders'
and adjusted the entry. When I recreated the script I was rushing and just
copied and pasted the line from the script. After a few "write_log"
additions to sendmail-milter-spf-1.41.pl I found my error.
live and learn.
BB
on Fri, Aug 13, 2004 at 05:28:48PM +1000, Broun, Bevan <brounb@adi-limited.com> wrote:
> Hi Koen, thanks for answering. Im pulling my hair out here.
>
> > Did you run dig & spfquery on the same box that is doing the checks??
>
> Yes.
>
> > And the obvious question: what has changed since the time it worked and
> > the time it didn't?
>
> This is a solaris 8 host. What I think is this: I compiled a new solaris
> (on a different box) and installed over the top of the solaris sendmail.
> Then we tested and everything was working. We decided to uninstall the
> solaris sendmail packages (there are two) so as not to get our own sendmain
> pkg overwritten by recommended patches. This removed files from /etc/mail
> (but I had that backed up) and the /etc/init.d/sendmail script (which I
> think is back to what I had).
>
> Then I reinstalled our sendmail pkg and replaced the /etc/mail directory.
> Im thinking that there is a permission problem perhaps.
>
> Currently Im adding write_log lines in sendmail-milter-spf-1.41.pl to see
> whats going on. It looks like sendmail is definitely using the milter but
> it's getting the "unknown" result, which would suggest sendmail is perhaps
> not passing the ip and email address to the milter.
>
> Do you know how to get more logging out of that milter (without editing
> code)
>
> Ive got to get this going tonight.
>
> Thanks
>
> BB
>
>
> >
> > Koen
> >
> > On Fri, Aug 13, 2004 at 04:44:04PM +1000, Broun, Bevan wrote:
> > > Im using the perl implementation
> > >
> > > spfquery gives the correct result:
> > >
> > > spfquery: domain of test@adi-limited.com does not designate 203.20.101.19
> > > as permitted sender
> > >
> > > thanks
> > >
> > > BB
> > >
> > > on Fri, Aug 13, 2004 at 03:40:17PM +1000, Broun, Bevan <brounb@adi-limited.com> wrote:
> > > > I had spf working in my test environment. It was working very nicely
> > > > rejecting forged mail. I cant figure out what's wrong now, Im getting
> > > >
> > > > Milter add: header: Received-SPF: unknown (hyperion.adi-limited.com:
> > > > error in processing during lookup of test@adi-limited.com)
> > > >
> > > > Note: that this is a test lab. Dont look up internet records for
> > > > adi-limited.com. In the lab Ive got from dig:
> > > >
> > > > ;; ANSWER SECTION:
> > > > adi-limited.com. 10800 IN TXT "v=spf1 a:hyperion.adi-limited.com -all"
> > > >
> > > > Im testing via telnet to port 25 - I am expecting to be getting rejected.
> > > >
> > > > help
> > > >
> > > > BB
> > > >
> > > > -------
> > > > Archives at http://archives.listbox.com/spf-help/current/
> > > > Donate! http://spf.pobox.com/donations.html
> > > > To unsubscribe, change your address, or temporarily deactivate your subscription,
> > > > please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
> > >
> > > -------
> > > Archives at http://archives.listbox.com/spf-help/current/
> > > Donate! http://spf.pobox.com/donations.html
> > > To unsubscribe, change your address, or temporarily deactivate your subscription,
> > > please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
> >
> > --
> > K.F.J. Martens, Sonologic, http://www.sonologic.nl/
> > Networking, embedded systems, unix expertise, artificial intelligence.
> > Public PGP key: http://www.metro.cx/pubkey-gmc.asc
> > Wondering about the funny attachment your mail program
> > can't read? Visit http://www.openpgp.org/
> >
> > -------
> > Archives at http://archives.listbox.com/spf-help/current/
> > Donate! http://spf.pobox.com/donations.html
> > To unsubscribe, change your address, or temporarily deactivate your subscription,
> > please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
>
> -------
> Archives at http://archives.listbox.com/spf-help/current/
> Donate! http://spf.pobox.com/donations.html
> To unsubscribe, change your address, or temporarily deactivate your subscription,
> please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com