Kenneth Roberts | 18 Jul 19:12

Who is Designated in SPF Record

I am having a little problem understanding who is suppose to be 
designated in the SPF record. Is it:

    - all hosts in that domain who are authorized to send email?

    - or the email server that they are authorized to use?

kr

S Clayman | 18 Jul 17:55
Picon

Newbie needs help

Hi

Having been receiving over 2000 unwanted emails today I finally have to do
something about it and my domain supplier told me about spf.

I have two mailboxes linked to two separate domains (one POP and one IMAP)
and I connect through my cable account. I also use the mailbox supplied by
the cable supplier. I seem to be experiencing the problem with only one
domain at present, although ideally I would like to protect them all.

I have looked at the wizard, but am a little confused when it comes to
transferring any settings to the DNS server.

I'm currently running Windows XP SP2 and (if it make any difference )
Outlook 2007.

My computer knowledge is OK, but not entirely clear when it comes to DNS
settings etc...

I hope that someone can assist please.

Kind Regards

Stephen

John Kirkwood | 18 Jul 17:17

SPF and Google Groups (sending on behalf of)

Dear all at SPF-help,

Conundrum:

user <at> un.org posts a message to the email list server
geneva-web-group <at> googlegroups.
Google Groups then sends a group email, marked From: user <at> un.org, but sent
using a Google mailserver.
The SPF record at un.org does not designate Google as a permitted sender.
My ISP blocks the email (dotster.com / mail3.dotsterhost.com - quite strict
on RFC and SPF imperfections, for example will <fail> on an invalid SPF
record).

 Received-SPF: pass (googlegroups.com designates 209.85.146.244 as a trusted
SMTP server)
 Received-SPF: fail (un.org does not designate 209.85.146.244 as a permitted
sender)

Any ideas? (Full headers of sent mail below - with sender's name changed -
email retrieved from a Death2Spam mail relay server).

Best regards,
John Kirkwood

>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Date: Fri, 18 Jul 2008 02:49:21 -0700 (PDT)
From: User <user <at> un.org>
To: Geneva Web Group <geneva-web-group <at> googlegroups.com>
Subject: Web development job - paid this time...
(Continue reading)

Scott Kitterman | 17 Jul 17:33

Re: Problem with postfix-policyd-spf-perl

On Thu, 17 Jul 2008 11:22:13 -0400 John Adams <johna <at> onevista.com> wrote:
>On Thu July 17 2008, Scott Kitterman wrote:
>> > It's odd it only happens with Tiscali - the problem is we don't receive
>> > enough mail from them that I could sensibly turn on any sort of
>> > debugging because the logs would just fill before anything from them
>> > came in, and 8/10 times it'd be let in anyway.
>>
>> Jul 17 10:18:11 scott-laptop policyd-spf[18084]: Temperror; 
identity=helo;
>> client-ip=212.74.100.54; helo=mk-filter-3-a-4.mail.uk.tiscali.com;
>> envelope-from=test <at> tiscali.co.uk; receiver=test <at> mira.co.uk
>> Jul 17 10:18:42 scott-laptop policyd-spf[18084]: Temperror;
>> identity=mailfrom; client-ip=212.74.100.54;
>> helo=mk-filter-3-a-4.mail.uk.tiscali.com;
>> envelope-from=test <at> tiscali.co.uk; receiver=test <at> mira.co.uk
>>
>> I do get the reject from the Perl one, but I'm not sure why.  It will
>> defer on Temperror, not reject.
>
>the SPF record for mk-filter-3-a-4.mail.uk.tiscali.com is "v=spf1 a -all"
>the A record for mk-filter-3-a-4.mail.uk.tiscali.com is 212.74.100.42
>You are receiving mail from 212.74.100.54
>SPF seems to working correctly!

Interesting.

I'm away from wifi right now.  I don't think I was getting that.  Would 
someone please check and see if all their DNS servers are serving the same 
record?

(Continue reading)

Paul Hutchings | 17 Jul 15:02
Picon
Favicon

Problem with postfix-policyd-spf-perl

I'm using Postfix and postfix-policyd-spf-perl (2.005) and this last
couple of weeks I've been experiencing messages from @tiscali.co.uk
being bounced for failing SPF policy.  

Problem is whenever I use any online tester and enter the MTA and IP's
etc. they say it passes the policy, so now I'm a little unclear if it

could be something at my end, or a transient error with Tiscali's DNS or
MTAs (and I suspect trying to speak to anyone at Tiscali would take so
long it's simpler to just white list them).

This is an example of the rejection:

http://www.openspf.org/Why?s=helo&id=mk-filter-2-a-4.mail.uk.tiscali.com
&ip=212.74.100.53&r=relay.mira.co.uk

It only seems to happen with Tiscali.

As an example /var/log/maillog shows:

Jul 17 10:10:40 relay postfix/smtpd[3635]: connect from
mk-filter-3-a-1.mail.uk.tiscali.com[212.74.100.54]

Jul 17 10:10:41 relay postfix/policy-spf[3636]: handler
sender_policy_framework: is decisive.

Jul 17 10:10:41 relay postfix/policy-spf[3636]: : Policy action=550
Please see
http://www.openspf.org/Why?s=helo&id=mk-filter-3-a-4.mail.uk.tiscali.com
&ip=212.74.100.54&r=relay.mira.co.uk
(Continue reading)

John Blazek | 16 Jul 00:09

Re: Help - Disregard

You may Disregard my previous response, as it was based on the invalid IP.

However, you are, indeed, blacklisted:

The FIVETEN RBL entries are fairly irrelevant, as that RBL is pointless.

However, the 2x UCEPROTECT entries could cause you problems. It 
appears that your ISP is a haven for spammers and their entire /17 
netblock has been listed.

It will depend on how 'harsh' the recipient wants to be, and which 
RBL's they use. We use the lowest level-1 UCEPROTECT list, so your 
email to our mail servers would not be blocked. However, an 
aggressive mail administrator who uses Level2 or Level3 would block 
your inbound email.

<http://www.uceprotect.net/>UCEPROTECTL2 LISTED Net 81.192.128.0/17 
is UCEPROTECT-Level2 listed because of 826 abusers. Your ISP 
IAM-AS/AS6713 has to fix this. See: 
<http://www.uceprotect.net/rblcheck.php?ipr=81.192.160.35>Detail
Return codes were: 127.0.0.214741812

<http://www.uceprotect.net/>UCEPROTECTL3 LISTED Your ISP 
IAM-AS/AS6713 is UCEPROTECT-Level3 listed because he is responsible 
for a total of 11828 abusers on the net. See: 
<http://www.uceprotect.net/rblcheck.php?ipr=81.192.160.35>Detail
Return codes were: 127.0.0.2

-john

(Continue reading)

Jamil Bouchaibi | 15 Jul 17:23
Picon

Help

We just installed our SMTP server (Domino) and we bought a new domain and
asked for an MX record...well he have done evrything needed to have our mail
server working and we succeded...Howerver, lately we noticed that gmail ,
hotmail  yahoo and other known webmail don't receive our emails, we can
receive emails friom them but we can't send...
It's important to explain the timeline so you can understand:
First we bought a domain name : oilibya.ma
We bought a range of IP addresses 81.192.160.32 --- 81.192.160.44
we asked for an MX record entry on the DNS : 10  mail.oilibya.ma
81.192.160.35  259200
It worked juts fine...
Then our local carrier made a mitstake and put 80.192.160.35  instead of
81.192.160.35
so it was replicated on all the DNS servers and we couldn't receive emails
then we contacted them and we asked them to rechange it to
81.192.160.35...they did and we started to receive emails
but since then we couldn't send to gmail and hotmail....
so we contacted them and they said they forgot to put an entry for
rDNS....so they corrected that and I could check It's working, the reverse
resolution is effectivly done hoewever we still cannot send to gmail and
hotmail  (we receive)
I started to check the headers of the emaisl that I received when the
setting was working and I discovered the SPF...now I just wanted you to help
me out to find why gmail, hotmail and other known webmail are not receiving
our emails...is it because of the SPF...should we ask our provider to create
an SPF entry ???
I have copied and pasted below the headers that worked before to send to
gmail

   Hop
(Continue reading)

Jigar Raval | 10 Jul 05:54
Picon
Favicon

spf and gmail

Dear All,

We have published our spf record. By spf testing tool, it shows working fine. But when i send a mail with my
domain which is not generated from autorized server, the gmail accept. By checking full header in gmail,
it shows hardfail etc.. So, if gmail has adpoted spf checking and the domain who has published spf why gmail
is accepting mail ? What is the reason ?

With Regards,

Raval Jigar A.
Engineer-SC (Computer)
Physical Research Laboratory
(Dept. Of Space, Govt. of India)
Ahmedabad-9.

spf-help-request | 20 Dec 14:07

You have left spf-help

Your email address

  gmssh-spf-help-1 <at> m.gmane.org

has been unsubscribed from spf-help.

No further action is necessary.  Thank you for being with us.

(If you did not initiate this unsubscription, please visit
  http://v2.listbox.com/member/?member_id=6959933&id_secret=77979154-758a52
to resubscribe.  You can also set a password to prevent
future malicious unsubscriptions.)

-----------------------------------------------------------

**** PLEASE NOTE ****

We are getting reports of INVOLUNTARY UNSUBSCRIBTIONS.
We believe that there is a bug in the list software so
that people may be unsubscribed without asking to be
unsubscribed.  The message may say that you were dropped
by the list moderator, but that part of the message is
false.  If this happened to you, please resubscribe.

liz | 20 Dec 02:36

Your email requires verification verify#2bPR4LXfN4Ie6ikJyOhLxP5cuuzILpiW

The message you sent requires that you verify that you 
are a real live human being and not a spam source.

To complete this verification, simply reply to this message and leave
the subject line intact.

The headers of the message sent from your address are shown below:

From listbox+trampoline+P8+KBBb+smqI65au3BGlc9TDjEut-A+En22g <at> jeeves.archives.listbox.com Wed
Dec 19 20:37:57 2007
Received: from thorn.listbox.com ([208.210.124.75]:34857)
 by server.cpanelzone.info with esmtp (Exim 4.66)
 (envelope-from <listbox+trampoline+P8+KBBb+smqI65au3BGlc9TDjEut-A+En22g <at> jeeves.archives.listbox.com>)
 id 1J5AMH-0003gS-2h
 for liz <at> lizwilliams.org; Wed, 19 Dec 2007 20:37:57 -0500
Received: from localhost.localdomain (localhost [127.0.0.1])
	by thorn.listbox.com (Postfix) with ESMTP id 088C7484B
	for <liz <at> lizwilliams.org>; Wed, 19 Dec 2007 20:03:03 -0500 (EST)
Received: from localhost.localdomain (localhost [127.0.0.1]) by
 orion.listbox.com (Postfix) with ESMTP id B0FC97000CC for
 <spf-help <at> v2.listbox.com.email.yay>; Wed, 19 Dec 2007 20:00:21 -0500 (EST)
Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by
 orion.listbox.com (Postfix) with ESMTP id 7391A7000CB for
 <spf-help <at> v2.listbox.com>; Wed, 19 Dec 2007 20:00:12 -0500 (EST)
Received: from root by ciao.gmane.org with local (Exim 4.43) id
 1J59lb-00022a-1V for spf-help <at> v2.listbox.com; Thu, 20 Dec 2007 01:00:03 +0000
Received: from ool-182ec67d.dyn.optonline.net ([24.46.198.125]) by
 main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for
 <spf-help <at> v2.listbox.com>; Thu, 20 Dec 2007 01:00:03 +0000
Received: from supamaki by ool-182ec67d.dyn.optonline.net with local (Gmexim
(Continue reading)

Thomas | 20 Dec 01:53
Picon

Newbie Question

I just started work as a tech for an ISP. 
I was setting up email for a client today. 
He changed ISP's because someone 
was sending Spam from his email account(s).
I understand I can set up an SPF record on his end.
How do you get all other mail servers to check for the record? 
It seems that even if this is set up, and millions 
of pieces of spam are being blasted as coming from this
account, unless ever mail server receiving them is 
checking for SPF records,
it's not going to help. Am I reading this wrong? 
Any guidance would be appreciated.

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/1020/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/1020/
Modify Your Subscription: http://v2.listbox.com/member/?member_id=6959933&id_secret=77859031-8df6fa
Powered by Listbox: http://www.listbox.com


Gmane