Check the MX record(s) for your domain. Mail should be sent to whatever
server is listed in the MX records. I guess they point to your ISP, but
they should point to your mail server. Maybe you don't have a full time
internet connection, so your ISP queues your mail until you connect. If
this is the case, your ISP must do the SPF check.
I am not an expert, so wait for a second opinion! :)
You could give more details, like domain name and your mail server's IP
address. And your ISP's mail server IP address. I could then look at the
MX records as I see them. Your view of them could be different.
This may help:
# dig +short mx ses.tas.gov.au
30 mail3.tas.gov.au.
20 mail1.tas.gov.au.
20 mail2.tas.gov.au.
# host mail3.tas.gov.au.
mail3.tas.gov.au has address 202.7.15.74
# host mail1.tas.gov.au.
mail1.tas.gov.au has address 202.7.15.71
# host mail2.tas.gov.au.
mail2.tas.gov.au has address 202.7.15.72
Guy
-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Rolf
Sent: Wednesday, November 24, 2004 1:24 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] SPF lookup with intermediate ISP mail relay
Hello
I have recently setup SPF checks here. Not yet doing the DNS TXT
records, only checking the mail as it arrives.
The problem is that all the mail is not delivered to the local mail
server from the originating mail server, it goes via an ISP. So that
ISP's server is effectively relaying it to here.
The SPF implementation here is doing its job perfectly. When for eg,
mail arrives from hotmail.com (who advertise SPF records), it find the
records and decides the SPF test failed by quite reasonably saying that
the address of our ISP's relying mail server (from which the mail
arrived) is not the same as that advertised by hotmail.com
In the msg headers there is a Received: for every hop, including the
hotmail server.
Does anyone know what if anything I can adjust to make SPF match the
right header info, or how I might adjust the headers (using sendmail)
as they arrive so that the right info can be seen?
The only clue I have found so far is "sendmail will not expose the MAIL
FROM: sender address by default. So
if you're using sendmail, please add this to /etc/sendmail.cf :
H?l?X-Envelope-From: $f
Does that make any sense?
I did this (to /etc/mail/sendmail.cf) but its made no difference and
indeed no header titled 'X-Envelope-From:' is added to incoming mail
that sendmail is processing. If that is indeed the solution, is there
some trick to getting sendmail.cf to have that added to the messages?
many thanks
rolf.
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com