Hello
I am new to SPF and i install exim with SPF supports.
After the install i add the following line in the rcpt acl of my exim
configuration
file
deny message = $sender_host_address is not allowed to send mail from
$sender_address_domain
log_message = SPF check failded
spf = fail
This configuration can permit to test a fail forgery attemps from domains wich
publish
SPF records.(example aol.com)
A furgery aol mail from host 41.207.177.17 to my server give this error
"SPF result is unknown (permanent error) (7)"
**** SMTP testing session as if from host 41.207.177.17
**** but without any ident (RFC 1413) callback.
**** This is not for real!
host in hosts_connection_nolog? no (option unset)
host in host_lookup? yes (matched "*")
looking up host name for 41.207.177.17
IP address lookup yielded mail.togotel.net.tg
alias tgt1.togotel.net.tg
alias quota.togotel.net.tg
mail >>> gethostbyname looked up these IP addresses:
name=mail.togotel.net.tg address=41.207.177.17
checking addresses for mail.togotel.net.tg
41.207.177.17 OK
from>>> gethostbyname looked up these IP addresses:
name=tgt1.togotel.net.tg address=41.207.177.17
checking addresses for tgt1.togotel.net.tg
41.207.177.17 OK
:>>> gethostbyname looked up these IP addresses:
name=quota.togotel.net.tg address=41.207.177.17
checking addresses for quota.togotel.net.tg
41.207.177.17 OK
host in host_reject_connection? no (option unset)
host in sender_unqualified_hosts? no (option unset)
host in recipient_unqualified_hosts? no (option unset)
host in helo_verify_hosts? no (option unset)
host in helo_try_verify_hosts? no (option unset)
host in helo_accept_junk_hosts? no (option unset)
220 annuaire.trstech.net ESMTP Exim 4.68 Mon, 14 Jul 2008 19:09:20 +0000
mail from: sam(_at_)aol(_dot_)com
501 mail from: sam(_at_)aol(_dot_)com: missing or malformed local part
(expected word or "<")
quit
221 annuaire.trstech.net closing connection
[root(_at_)annuaire ~]# /usr/exim/bin/exim -bh 41.207.177.17
**** SMTP testing session as if from host 41.207.177.17
**** but without any ident (RFC 1413) callback.
**** This is not for real!
host in hosts_connection_nolog? no (option unset)
host in host_lookup? yes (matched "*")
looking up host name for 41.207.177.17
IP address lookup yielded tgt1.togotel.net.tg
alias quota.togotel.net.tg
alias mail.togotel.net.tg
gethostbyname looked up these IP addresses:
name=tgt1.togotel.net.tg address=41.207.177.17
checking addresses for tgt1.togotel.net.tg
41.207.177.17 OK
gethostbyname looked up these IP addresses:
name=quota.togotel.net.tg address=41.207.177.17
checking addresses for quota.togotel.net.tg
41.207.177.17 OK
gethostbyname looked up these IP addresses:
name=mail.togotel.net.tg address=41.207.177.17
checking addresses for mail.togotel.net.tg
41.207.177.17 OK
host in host_reject_connection? no (option unset)
host in sender_unqualified_hosts? no (option unset)
host in recipient_unqualified_hosts? no (option unset)
host in helo_verify_hosts? no (option unset)
host in helo_try_verify_hosts? no (option unset)
host in helo_accept_junk_hosts? no (option unset)
220 annuaire.trstech.net ESMTP Exim 4.68 Mon, 14 Jul 2008 19:09:52 +0000
mail from: sam(_at_)aol(_dot_)com
250 OK
rcpt to: geek(_at_)annuaire(_dot_)trstech(_dot_)net
using ACL "acl_check_rcpt"
processing "accept"
check hosts = :
host in ":"? no (end of list)
accept: condition test failed
processing "deny"
check domains = +local_domains
annuaire.trstech.net in "annuaire.trstech.net"? yes
(matched "annuaire.trstech.net")
annuaire.trstech.net in "+local_domains"? yes (matched "+local_domains")
check local_parts = ^[.] : ^(_dot_)*[(_at_)%!/|]
geek in "^[.] : ^(_dot_)*[(_at_)%!/|]"? no (end of list)
deny: condition test failed
processing "deny"
check domains = !+local_domains
annuaire.trstech.net in "!+local_domains"? no (matched "!+local_domains" -
cached)
deny: condition test failed
processing "accept"
check local_parts = postmaster
geek in "postmaster"? no (end of list)
accept: condition test failed
processing "require"
check verify = sender
routing sam(_at_)aol(_dot_)com
aol.com in "annuaire.trstech.net"? no (end of list)
aol.com in "! +local_domains"? yes (end of list)
calling dnslookup router
64.12.137.89 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
64.12.138.120 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
205.188.249.91 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
205.188.252.17 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
64.12.138.153 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
205.188.109.56 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
205.188.156.248 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
205.188.159.57 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
64.12.139.249 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
205.188.159.216 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
64.12.138.57 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
64.12.138.88 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
routed by dnslookup router
----------- end verify ------------
require: condition test succeeded
processing "accept"
check hosts = +relay_from_hosts
host in "127.0.0.1"? no (end of list)
host in "+relay_from_hosts"? no (end of list)
accept: condition test failed
processing "accept"
check authenticated = *
accept: condition test failed
processing "require"
check domains = +local_domains : +relay_to_domains
annuaire.trstech.net in "+local_domains : +relay_to_domains"? yes
(matched "+local_domains" - cached)
require: condition test succeeded
processing "require"
check verify = recipient
routing geek(_at_)annuaire(_dot_)trstech(_dot_)net
annuaire.trstech.net in "! +local_domains"? no (matched "! +local_domains"
-
cached)
calling system_aliases router
system_aliases router declined for
geek(_at_)annuaire(_dot_)trstech(_dot_)net
calling localuser router
routed by localuser router
----------- end verify ------------
require: condition test succeeded
processing "deny"
check spf = fail
SPF result is unknown (permanent error) (7)
deny: condition test failed
processing "accept"
accept: condition test succeeded
250 Accepted
Any help in order to resolve this problem will be appreciated.
--sam
--
TRS - Technologies Reseaux & Solutions (http://www.trstech.net)
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com