SPF...Again

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
armopop
Normal user
Normal user
Posts: 96
Joined: 2008-08-23 23:20
Location: Canada

SPF...Again

Post by armopop » 2009-11-15 05:25

Hello guys;
Just don't know why the SPF check returns with a score of Zero for every single spam message that we receive. Spammers using our own domain name as sender go through SPF check clean.

Thank you.

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Re: SPF...Again

Post by ^DooM^ » 2009-11-15 11:48

What Version of hMail are you using?
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

armopop
Normal user
Normal user
Posts: 96
Joined: 2008-08-23 23:20
Location: Canada

Re: SPF...Again

Post by armopop » 2009-11-15 16:10

Thanks DooM;
Latest 5.3 Production

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Re: SPF...Again

Post by martin » 2009-11-15 16:12

Have you checked what SMTP envelope address they're using to send the message?
Have you enabled Anti-Spam in all IP ranges?
Could it be that you have a white-listing record which have accidentally white listed them?

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Re: SPF...Again

Post by ^DooM^ » 2009-11-15 16:25

Make sure you have enabled local to local authentication on the Internet IP range
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

armopop
Normal user
Normal user
Posts: 96
Joined: 2008-08-23 23:20
Location: Canada

Re: SPF...Again

Post by armopop » 2009-11-15 19:02

Martin;
They are using all kinds of enveloppes, this is not about one domain. I have too many routed domains and too many local domains. Yes Antispam is enabled on all IP ranges and no they are not white listed. I'm talking about all messages, no matter to what domain. SPF is set for a score of 3, but if i check my logs for the last couple of months. all the SPF checks come back with a 0.

I will check to see as DooM stated, if i have the local to local authentication is checked on the internet.

armopop
Normal user
Normal user
Posts: 96
Joined: 2008-08-23 23:20
Location: Canada

Re: SPF...Again

Post by armopop » 2009-11-15 19:12

Doom;
Yes . local to local authentication is on on the internet.

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Re: SPF...Again

Post by martin » 2009-11-15 20:00

Have you added any forwarding relays in the installation?
Can you post a snippet from the log with an example where the problem occur? Including the sender IP and email address.

armopop
Normal user
Normal user
Posts: 96
Joined: 2008-08-23 23:20
Location: Canada

Re: SPF...Again

Post by armopop » 2009-11-16 03:52

Routed domains only. I will pm you with a log

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Re: SPF...Again

Post by martin » 2009-11-16 18:41

The SPF record for that domain is configured with ~all, in other words "softfail".

hMailServer only treat FAIL-result as spam. Softfail is let through.

See http://old.openspf.org/wizard.html?mydomain=example.com if you want details.

armopop
Normal user
Normal user
Posts: 96
Joined: 2008-08-23 23:20
Location: Canada

Re: SPF...Again

Post by armopop » 2009-11-17 16:48

I knew you were great but i was mistaken, you are more than that. Problem fixed by changing the TXT records to implicit deny (-all).
Thanks a million.

westdam
Senior user
Senior user
Posts: 728
Joined: 2006-08-01 21:24
Location: Padova, Italy
Contact:

Re: SPF...Again

Post by westdam » 2009-11-17 17:12

martin,not to be polemic.. but SPF wizards and docs suggest to use soft-fail..
i agree with you to use fail ( and i'm using it with great satisfaction :D ) but this cause some trouble.. what about a suggestion on your docs to use fail instead sof-fail in the txt-records?

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Re: SPF...Again

Post by ^DooM^ » 2009-11-17 17:28

Perhaps this should be marked with a header if it passes with a soft fail

X-hMailServer-SPF: SOFTFAIL / FAIL / PASS
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

westdam
Senior user
Senior user
Posts: 728
Joined: 2006-08-01 21:24
Location: Padova, Italy
Contact:

Re: SPF...Again

Post by westdam » 2009-11-17 17:56

mm ok, agree with doom.

Post Reply