Hello all,
Is the dns lookup limit a default of SPF and everyone using spf has the
same, or is controlled per server?
Messages get through to our server, looking like they are from us, but of
course it's not.
I have tested the spf record using online tools and it seems to pass those
tests linked from openspf.org, I believe the reason here is because I put in
either a real ip of ours ( match ip4 ) or one that's not ours ( fail ).
Guessing that's why it's not failing there, no DNS lookups.
My own server gives me the below error which then doesn't reject the message
and lets it through:
Received-SPF: permerror (mydomain.com: Maximum void DNS look-ups limit (2)
exceeded) receiver=myserver.mydomain.com; identity=mailfrom;
envelope-from="mike@mydomain.com"; helo="[190.9.95.66]";
client-ip=190.9.95.66
Received: from [190.9.95.66] (unknown [190.9.95.66])
by myserver.mydomain.com (Postfix) with ESMTP id CE79C264013
for <mike@mydomain.com>; Thu, 28 May 2009 11:12:31 -0400
(EDT)
Message-Id: OWKYIJ80492.13AE1B5@[190.9.95.66]
Since I am using IP4 for all of our servers I know that's not the problem,
we do have the following which I believe may be the problem:
ptr:notify-customer.com ptr:enom.com ptr:opensrs.com
They do send message as us at times, so we need to allow them, however they
don't have the information to provide specifically what servers are sending
out messages.
Plugging in the real information from above ( only my doman is concealed )
into Beveridge Hosting - SPF Test I get the following:
fail Please see
http://www.openspf.org/why.html?sender=mike%40mydomain.com&ip=190.9.95.66&re
ceiver=tools.bevhost.com tools.bevhost.com: domain of mike@mydomain.com does
not designate 190.9.95.66 as permitted sender v=spf1 a:earth.mydomain.com
ip4:200.200.100.0/23 ptr:notify-customer.com ptr:enom.com ptr:opensrs.net
-all HASH(0x8a80780)
So this looks like my record is working perfectly, but am at a loss on how
to resolve this, and want to insure we are not screwing real messages in the
process on other servers.
We are using Mail::SPF -- v2.006 from cpan.
In our postfix install we have in main.cf: check_policy_service
unix:private/policy
In master.cf we have:
policy unix - n n - - spawn
user=nobody argv=/usr/local/lib/policyd-spf-perl
I appreciate your help with this issue which is driving me nuts!
Joey
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com
Is the dns lookup limit a default of SPF and everyone using spf has the
same, or is controlled per server?
Messages get through to our server, looking like they are from us, but of
course it's not.
I have tested the spf record using online tools and it seems to pass those
tests linked from openspf.org, I believe the reason here is because I put in
either a real ip of ours ( match ip4 ) or one that's not ours ( fail ).
Guessing that's why it's not failing there, no DNS lookups.
My own server gives me the below error which then doesn't reject the message
and lets it through:
Received-SPF: permerror (mydomain.com: Maximum void DNS look-ups limit (2)
exceeded) receiver=myserver.mydomain.com; identity=mailfrom;
envelope-from="mike@mydomain.com"; helo="[190.9.95.66]";
client-ip=190.9.95.66
Received: from [190.9.95.66] (unknown [190.9.95.66])
by myserver.mydomain.com (Postfix) with ESMTP id CE79C264013
for <mike@mydomain.com>; Thu, 28 May 2009 11:12:31 -0400
(EDT)
Message-Id: OWKYIJ80492.13AE1B5@[190.9.95.66]
Since I am using IP4 for all of our servers I know that's not the problem,
we do have the following which I believe may be the problem:
ptr:notify-customer.com ptr:enom.com ptr:opensrs.com
They do send message as us at times, so we need to allow them, however they
don't have the information to provide specifically what servers are sending
out messages.
Plugging in the real information from above ( only my doman is concealed )
into Beveridge Hosting - SPF Test I get the following:
fail Please see
http://www.openspf.org/why.html?sender=mike%40mydomain.com&ip=190.9.95.66&re
ceiver=tools.bevhost.com tools.bevhost.com: domain of mike@mydomain.com does
not designate 190.9.95.66 as permitted sender v=spf1 a:earth.mydomain.com
ip4:200.200.100.0/23 ptr:notify-customer.com ptr:enom.com ptr:opensrs.net
-all HASH(0x8a80780)
So this looks like my record is working perfectly, but am at a loss on how
to resolve this, and want to insure we are not screwing real messages in the
process on other servers.
We are using Mail::SPF -- v2.006 from cpan.
In our postfix install we have in main.cf: check_policy_service
unix:private/policy
In master.cf we have:
policy unix - n n - - spawn
user=nobody argv=/usr/local/lib/policyd-spf-perl
I appreciate your help with this issue which is driving me nuts!
Joey
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/
Powered by Listbox: http://www.listbox.com