?
Solved

SPF_SOFTFAIL on local mail

Posted on 2008-10-21
8
Medium Priority
?
876 Views
Last Modified: 2013-12-09
Hi!

Apparently SPF records do not get checked when receiving mail from local senders (e.g. when I send mail to myself). However, SpamAssassin's SPF_SOFTFAIL rule still kicks in. It probably doesn't matter much since that rule isn't going to bump up the score high enough on genuine local mail to get tagged but still something that should get fixed regardless ....

Any ideas/help would be appreciated.
0
Comment
Question by:Julian Matz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 4

Expert Comment

by:urgoll
ID: 22777197
Hello,
if SpamAssassin triggers a SPF_SOFTFAIL, then it means that you do have a SPF record for your domain. If so, you should either:
- modify your SPF record to allow mail from local sources
- configure spamassassin to NOT do SPF checks on your domain using:
whitelist_from_spf *@example.com

but that would allow spammers to spoof your own domain, thus reducing the usefulness of SPF checks.

Regards,
Christophe
0
 
LVL 21

Author Comment

by:Julian Matz
ID: 22778436
Hi Christophe,

I do have SPF set up for my domain. It seems to be set up correctly and when I run tests using my mail server's IPs they all result in SPF Pass. Postfix also seems to be set up correctly since I can see (SPF none | SPF pass | SPF softfail) in message headers. It's just when I send mail from one of my own accounts to myself that (presumably) Postfix doesn't check SPF but SA does. Does this make sense?
0
 
LVL 4

Expert Comment

by:urgoll
ID: 22779092
How do you send emails to yourself ? Do you sent your SMTP server on your mail client to your postfix server on port 25, or do you use some other server ?

Assuming you are using postfix as your SMTP server, then it is not doing the SPF check as it hits the 'permit_mynetworks' smtpd restriction rule. However, SpamAssassin has no such knowledge of 'allowed local subnets' and doesn't make a difference between original submission and relaying. So you may have to add to your SPF record your local network addresses as allowed senders.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 21

Author Comment

by:Julian Matz
ID: 22779204
I use my mail client (Mozilla Thunderbird) to connect to my SMTP server (Postfix) on port 25.

These are the headers I receive:

X-Spam-Status: No, score=-1.3 required=5.0 tests=AWL,BAYES_00,RDNS_NONE,
      SPF_SOFTFAIL autolearn=no version=3.2.3

Received: from [127.0.0.1] (unknown [CLIENT_IP_ADDRESS])
      by MAIL_SERVER_FQDN (Postfix) with ESMTP id 7C00B5AE
      for <info@xxxxx.com>; Tue, 21 Oct 2008 20:56:44 +0100 (IST)


Do you mean add 127.0.0.1 to my SPF record?
0
 
LVL 4

Accepted Solution

by:
urgoll earned 2000 total points
ID: 22779281
Yes, if you were to add 'ip4:127.0.0.1' to your SPF record, the problem would likely go away.

Also note that you have this test failing: RDNS_NONE

which means that your DNS server isn't probably configured to resolve the reverse lookup of 127.0.0.1. It should reverse to 'localhost' and 'localhost' should resolve to 127.0.0.1

Regards,
Christophe
0
 
LVL 21

Author Comment

by:Julian Matz
ID: 22779892
Ok, I know how rDNS works in general, but not sure about local/internal IPs.

When I type following:
$ host 127.0.0.1

I get this:
1.0.0.127.in-addr.arpa domain name pointer localhost.

I thought it would be more likely that the RDNS_NONE rule was being applied to my client IP assigned (by my ISP) to the machine from which I sent the email?
0
 
LVL 4

Expert Comment

by:urgoll
ID: 22780763
RDNS_NONE applies to the client IP address as seen from Postfix. In this case:

Received: from [127.0.0.1] (unknown [CLIENT_IP_ADDRESS])
      by MAIL_SERVER_FQDN (Postfix) with ESMTP id 7C00B5AE
      for ; Tue, 21 Oct 2008 20:56:44 +0100 (IST)

it appears to be the localhost.

Anyway, it doesn't seem to matter. I also noticed in the SpamAssassin that RDNS_NONE can sometimes be triggered regardless of the actual rDNS status for trusted sources. Tis may be the case.

0
 
LVL 21

Author Closing Comment

by:Julian Matz
ID: 31508557
Thanks!
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
This article outlines some of the reasons why an email message gets flagged as spam on a recipient's end.
Familiarize people with the process of utilizing SQL Server views from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Access…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question