Hello,
I have enabled SPF on one of my MX servers. When I was testing earlier,
it was working (i.e., rejecting mails for those who have SPF records,
and the mail not being sent through designated servers). Once I made
the switch to make it "live", so I could take my other MX server down
and enable SPF on it as well, the SPF suddenly does not seem to be
working.
To test, I sent email from <alan@murrell.ca> which was sent through the
MTA on my laoptop (which is *not* listed as a designated server). Here
is what shows up in the Postfix /var/log/mail/info logfile on the MX
Server:
--- CUT HERE ---
Jun 26 23:44:06 beltira postfix/policy-spf[16128]: : SPF none:
smtp_comment=SPF: domain of sender alan@murrell.ca does not designate
mailers, header_comment=beltira.van.i3dc.com: domain of alan@murrell.ca
does not designate permitted sender hosts
--- CUT HERE ---
Here is my SPF record, according to the 'host' command:
--- CUT HERE ---
[alan@polgara alan]$ host -t txt murrell.ca
murrell.ca text "v=spf1 ip4:66.119.171.194 ip4:66.119.171.195
ip4:66.119.171.206 -all"
--- CUT HERE ---
Here is my entry in main.cf:
--- CUT HERE ---
smtpd_recipient_restrictions =
...
check_policy_service unix:private/policy,
...
--- CUT HERE ---
and in master.cf, I have:
--- CUT HERE ---
...
policy unix - n n - - spawn
user=nobody argv=/usr/bin/perl /usr/lib/postfix/smtpd-spf_policy.pl
...
--- CUT HERE ---
(and yes, that's a hard return after "spawn")
I am puzzled as to why the policy script (same as from the SPF site) is
no longer able to pick this up?
About the only thing I really changed between "test" mode and making it
live was in master.cf, where Postfix was running in chroot mode, and I
changed it to not do so.
It actually makes no sense to me why it was apparently working fine
chroot'd when I was testing with only my domain on there, but as soon as
I made it "live", and had all our clients' domain going through it, I
was getting a "unknown user: nobody" error in the Postfix error log
file, but I am willing to let that one go :-)
One other thing: even when it was working prior to making it live, I was
not getting the "Received-SPF:" header; is there something else I need
to enable?
Any light you can shed on this, or help you can provide is greatly
appreciated.
Sincerely,
Alan Murrell
-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com
I have enabled SPF on one of my MX servers. When I was testing earlier,
it was working (i.e., rejecting mails for those who have SPF records,
and the mail not being sent through designated servers). Once I made
the switch to make it "live", so I could take my other MX server down
and enable SPF on it as well, the SPF suddenly does not seem to be
working.
To test, I sent email from <alan@murrell.ca> which was sent through the
MTA on my laoptop (which is *not* listed as a designated server). Here
is what shows up in the Postfix /var/log/mail/info logfile on the MX
Server:
--- CUT HERE ---
Jun 26 23:44:06 beltira postfix/policy-spf[16128]: : SPF none:
smtp_comment=SPF: domain of sender alan@murrell.ca does not designate
mailers, header_comment=beltira.van.i3dc.com: domain of alan@murrell.ca
does not designate permitted sender hosts
--- CUT HERE ---
Here is my SPF record, according to the 'host' command:
--- CUT HERE ---
[alan@polgara alan]$ host -t txt murrell.ca
murrell.ca text "v=spf1 ip4:66.119.171.194 ip4:66.119.171.195
ip4:66.119.171.206 -all"
--- CUT HERE ---
Here is my entry in main.cf:
--- CUT HERE ---
smtpd_recipient_restrictions =
...
check_policy_service unix:private/policy,
...
--- CUT HERE ---
and in master.cf, I have:
--- CUT HERE ---
...
policy unix - n n - - spawn
user=nobody argv=/usr/bin/perl /usr/lib/postfix/smtpd-spf_policy.pl
...
--- CUT HERE ---
(and yes, that's a hard return after "spawn")
I am puzzled as to why the policy script (same as from the SPF site) is
no longer able to pick this up?
About the only thing I really changed between "test" mode and making it
live was in master.cf, where Postfix was running in chroot mode, and I
changed it to not do so.
It actually makes no sense to me why it was apparently working fine
chroot'd when I was testing with only my domain on there, but as soon as
I made it "live", and had all our clients' domain going through it, I
was getting a "unknown user: nobody" error in the Postfix error log
file, but I am willing to let that one go :-)
One other thing: even when it was working prior to making it live, I was
not getting the "Received-SPF:" header; is there something else I need
to enable?
Any light you can shed on this, or help you can provide is greatly
appreciated.
Sincerely,
Alan Murrell
-------
Archives at http://archives.listbox.com/spf-help/current/
Donate! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-help@v2.listbox.com