[spf-discuss] Help of SPF Implementations on exim

Hello

I am new to SPF and i install exim with SPF supports.
 After the install i add the following line in the rcpt acl of my exim 
configuration 
file

deny message = $sender_host_address is not allowed to send mail from 
$sender_address_domain 
log_message = SPF check failded 
spf = fail 

This configuration can permit to test a fail forgery attemps from domains wich 
publish 
SPF records.(example aol.com)


A furgery aol mail from host 41.207.177.17 to  my server give this error

"SPF result is unknown (permanent error) (7)"



**** SMTP testing session as if from host 41.207.177.17
**** but without any ident (RFC 1413) callback.
**** This is not for real!

> > > host in hosts_connection_nolog? no (option unset)
> > > host in host_lookup? yes (matched "*")
> > > looking up host name for 41.207.177.17
> > > IP address lookup yielded mail.togotel.net.tg
> > >   alias tgt1.togotel.net.tg
> > >   alias quota.togotel.net.tg
mail >>> gethostbyname looked up these IP addresses:
> > >   name=mail.togotel.net.tg address=41.207.177.17
> > > checking addresses for mail.togotel.net.tg
> > >   41.207.177.17 OK
from>>> gethostbyname looked up these IP addresses:
> > >   name=tgt1.togotel.net.tg address=41.207.177.17
> > > checking addresses for tgt1.togotel.net.tg
> > >   41.207.177.17 OK
:>>> gethostbyname looked up these IP addresses:
> > >   name=quota.togotel.net.tg address=41.207.177.17
> > > checking addresses for quota.togotel.net.tg
> > >   41.207.177.17 OK
> > > host in host_reject_connection? no (option unset)
> > > host in sender_unqualified_hosts? no (option unset)
> > > host in recipient_unqualified_hosts? no (option unset)
> > > host in helo_verify_hosts? no (option unset)
> > > host in helo_try_verify_hosts? no (option unset)
> > > host in helo_accept_junk_hosts? no (option unset)
220 annuaire.trstech.net ESMTP Exim 4.68 Mon, 14 Jul 2008 19:09:20 +0000
mail from: sam(_at_)aol(_dot_)com
501 mail from: sam(_at_)aol(_dot_)com: missing or malformed local part 
(expected word or "<")
quit
221 annuaire.trstech.net closing connection
[root(_at_)annuaire ~]# /usr/exim/bin/exim -bh 41.207.177.17

**** SMTP testing session as if from host 41.207.177.17
**** but without any ident (RFC 1413) callback.
**** This is not for real!

> > > host in hosts_connection_nolog? no (option unset)
> > > host in host_lookup? yes (matched "*")
> > > looking up host name for 41.207.177.17
> > > IP address lookup yielded tgt1.togotel.net.tg
> > >   alias quota.togotel.net.tg
> > >   alias mail.togotel.net.tg
> > > gethostbyname looked up these IP addresses:
> > >   name=tgt1.togotel.net.tg address=41.207.177.17
> > > checking addresses for tgt1.togotel.net.tg
> > >   41.207.177.17 OK
> > > gethostbyname looked up these IP addresses:
> > >   name=quota.togotel.net.tg address=41.207.177.17
> > > checking addresses for quota.togotel.net.tg
> > >   41.207.177.17 OK
> > > gethostbyname looked up these IP addresses:
> > >   name=mail.togotel.net.tg address=41.207.177.17
> > > checking addresses for mail.togotel.net.tg
> > >   41.207.177.17 OK
> > > host in host_reject_connection? no (option unset)
> > > host in sender_unqualified_hosts? no (option unset)
> > > host in recipient_unqualified_hosts? no (option unset)
> > > host in helo_verify_hosts? no (option unset)
> > > host in helo_try_verify_hosts? no (option unset)
> > > host in helo_accept_junk_hosts? no (option unset)
220 annuaire.trstech.net ESMTP Exim 4.68 Mon, 14 Jul 2008 19:09:52 +0000
mail from: sam(_at_)aol(_dot_)com
250 OK
rcpt to: geek(_at_)annuaire(_dot_)trstech(_dot_)net
> > > using ACL "acl_check_rcpt"
> > > processing "accept"
> > > check hosts = :
> > > host in ":"? no (end of list)
> > > accept: condition test failed
> > > processing "deny"
> > > check domains = +local_domains
> > > annuaire.trstech.net in "annuaire.trstech.net"? yes 
(matched "annuaire.trstech.net")
> > > annuaire.trstech.net in "+local_domains"? yes (matched "+local_domains")
> > > check local_parts = ^[.] : ^(_dot_)*[(_at_)%!/|]
> > > geek in "^[.] : ^(_dot_)*[(_at_)%!/|]"? no (end of list)
> > > deny: condition test failed
> > > processing "deny"
> > > check domains = !+local_domains
> > > annuaire.trstech.net in "!+local_domains"? no (matched "!+local_domains" - 
> > > cached)
> > > deny: condition test failed
> > > processing "accept"
> > > check local_parts = postmaster
> > > geek in "postmaster"? no (end of list)
> > > accept: condition test failed
> > > processing "require"
> > > check verify = sender
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
> > > routing sam(_at_)aol(_dot_)com
> > > aol.com in "annuaire.trstech.net"? no (end of list)
> > > aol.com in "! +local_domains"? yes (end of list)
> > > calling dnslookup router
> > > 64.12.137.89 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
> > > 64.12.138.120 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
> > > 205.188.249.91 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
> > > 205.188.252.17 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
> > > 64.12.138.153 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
> > > 205.188.109.56 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
> > > 205.188.156.248 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
> > > 205.188.159.57 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
> > > 64.12.139.249 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
> > > 205.188.159.216 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
> > > 64.12.138.57 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
> > > 64.12.138.88 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
> > > routed by dnslookup router
> > > ----------- end verify ------------
> > > require: condition test succeeded
> > > processing "accept"
> > > check hosts = +relay_from_hosts
> > > host in "127.0.0.1"? no (end of list)
> > > host in "+relay_from_hosts"? no (end of list)
> > > accept: condition test failed
> > > processing "accept"
> > > check authenticated = *
> > > accept: condition test failed
> > > processing "require"
> > > check domains = +local_domains : +relay_to_domains
> > > annuaire.trstech.net in "+local_domains : +relay_to_domains"? yes 
(matched "+local_domains" - cached)
> > > require: condition test succeeded
> > > processing "require"
> > > check verify = recipient
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
> > > routing geek(_at_)annuaire(_dot_)trstech(_dot_)net
> > > annuaire.trstech.net in "! +local_domains"? no (matched "! +local_domains" 
> > > - 
cached)
> > > calling system_aliases router
> > > system_aliases router declined for 
> > > geek(_at_)annuaire(_dot_)trstech(_dot_)net
> > > calling localuser router
> > > routed by localuser router
> > > ----------- end verify ------------
> > > require: condition test succeeded
> > > processing "deny"
> > > check spf = fail
> > > SPF result is unknown (permanent error) (7)
> > > deny: condition test failed
> > > processing "accept"
> > > accept: condition test succeeded
250 Accepted


Any help in order to resolve this problem will be appreciated. 

--sam 
--
TRS - Technologies Reseaux & Solutions (http://www.trstech.net)



-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com