Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: SPF: Discuss

Help of SPF Implementations on exim

  

 
SPF discuss RSS feed   Index | Next | Previous | View Threaded


sam at trstech

Jul 14, 2008, 11:59 AM

Post #1 of 2 (1460 views)
Permalink
Help of SPF Implementations on exim
Hello

I am new to SPF and i install exim with SPF supports.
After the install i add the following line in the rcpt acl of my exim configuration
file

deny message = $sender_host_address is not allowed to send mail from
$sender_address_domain
log_message = SPF check failded
spf = fail

This configuration can permit to test a fail forgery attemps from domains wich publish
SPF records.(example aol.com)


A furgery aol mail from host 41.207.177.17 to my server give this error

"SPF result is unknown (permanent error) (7)"



**** SMTP testing session as if from host 41.207.177.17
**** but without any ident (RFC 1413) callback.
**** This is not for real!

>>> host in hosts_connection_nolog? no (option unset)
>>> host in host_lookup? yes (matched "*")
>>> looking up host name for 41.207.177.17
>>> IP address lookup yielded mail.togotel.net.tg
>>> alias tgt1.togotel.net.tg
>>> alias quota.togotel.net.tg
mail >>> gethostbyname looked up these IP addresses:
>>> name=mail.togotel.net.tg address=41.207.177.17
>>> checking addresses for mail.togotel.net.tg
>>> 41.207.177.17 OK
>>> name=tgt1.togotel.net.tg address=41.207.177.17
>>> checking addresses for tgt1.togotel.net.tg
>>> 41.207.177.17 OK
>>> name=quota.togotel.net.tg address=41.207.177.17
>>> checking addresses for quota.togotel.net.tg
>>> 41.207.177.17 OK
>>> host in host_reject_connection? no (option unset)
>>> host in sender_unqualified_hosts? no (option unset)
>>> host in recipient_unqualified_hosts? no (option unset)
>>> host in helo_verify_hosts? no (option unset)
>>> host in helo_try_verify_hosts? no (option unset)
>>> host in helo_accept_junk_hosts? no (option unset)
220 annuaire.trstech.net ESMTP Exim 4.68 Mon, 14 Jul 2008 19:09:20 +0000
mail from: sam [at] aol
501 mail from: sam [at] aol: missing or malformed local part (expected word or "<")
quit
221 annuaire.trstech.net closing connection
[root [at] annuair ~]# /usr/exim/bin/exim -bh 41.207.177.17

**** SMTP testing session as if from host 41.207.177.17
**** but without any ident (RFC 1413) callback.
**** This is not for real!

>>> host in hosts_connection_nolog? no (option unset)
>>> host in host_lookup? yes (matched "*")
>>> looking up host name for 41.207.177.17
>>> IP address lookup yielded tgt1.togotel.net.tg
>>> alias quota.togotel.net.tg
>>> alias mail.togotel.net.tg
>>> gethostbyname looked up these IP addresses:
>>> name=tgt1.togotel.net.tg address=41.207.177.17
>>> checking addresses for tgt1.togotel.net.tg
>>> 41.207.177.17 OK
>>> gethostbyname looked up these IP addresses:
>>> name=quota.togotel.net.tg address=41.207.177.17
>>> checking addresses for quota.togotel.net.tg
>>> 41.207.177.17 OK
>>> gethostbyname looked up these IP addresses:
>>> name=mail.togotel.net.tg address=41.207.177.17
>>> checking addresses for mail.togotel.net.tg
>>> 41.207.177.17 OK
>>> host in host_reject_connection? no (option unset)
>>> host in sender_unqualified_hosts? no (option unset)
>>> host in recipient_unqualified_hosts? no (option unset)
>>> host in helo_verify_hosts? no (option unset)
>>> host in helo_try_verify_hosts? no (option unset)
>>> host in helo_accept_junk_hosts? no (option unset)
220 annuaire.trstech.net ESMTP Exim 4.68 Mon, 14 Jul 2008 19:09:52 +0000
mail from: sam [at] aol
250 OK
rcpt to: geek [at] annuaire
>>> using ACL "acl_check_rcpt"
>>> processing "accept"
>>> check hosts = :
>>> host in ":"? no (end of list)
>>> accept: condition test failed
>>> processing "deny"
>>> check domains = +local_domains
>>> annuaire.trstech.net in "annuaire.trstech.net"? yes
(matched "annuaire.trstech.net")
>>> annuaire.trstech.net in "+local_domains"? yes (matched "+local_domains")
>>> check local_parts = ^[.] : ^.*[@%!/|]
>>> geek in "^[.] : ^.*[@%!/|]"? no (end of list)
>>> deny: condition test failed
>>> processing "deny"
>>> check domains = !+local_domains
>>> annuaire.trstech.net in "!+local_domains"? no (matched "!+local_domains" - cached)
>>> deny: condition test failed
>>> processing "accept"
>>> check local_parts = postmaster
>>> geek in "postmaster"? no (end of list)
>>> accept: condition test failed
>>> processing "require"
>>> check verify = sender
>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>> routing sam [at] aol
>>> aol.com in "annuaire.trstech.net"? no (end of list)
>>> aol.com in "! +local_domains"? yes (end of list)
>>> calling dnslookup router
>>> 64.12.137.89 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.138.120 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.249.91 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.252.17 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.138.153 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.109.56 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.156.248 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.159.57 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.139.249 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 205.188.159.216 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.138.57 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> 64.12.138.88 in "0.0.0.0 : 127.0.0.0/8"? no (end of list)
>>> routed by dnslookup router
>>> ----------- end verify ------------
>>> require: condition test succeeded
>>> processing "accept"
>>> check hosts = +relay_from_hosts
>>> host in "127.0.0.1"? no (end of list)
>>> host in "+relay_from_hosts"? no (end of list)
>>> accept: condition test failed
>>> processing "accept"
>>> check authenticated = *
>>> accept: condition test failed
>>> processing "require"
>>> check domains = +local_domains : +relay_to_domains
>>> annuaire.trstech.net in "+local_domains : +relay_to_domains"? yes
(matched "+local_domains" - cached)
>>> require: condition test succeeded
>>> processing "require"
>>> check verify = recipient
>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>> routing geek [at] annuaire
>>> annuaire.trstech.net in "! +local_domains"? no (matched "! +local_domains" -
cached)
>>> calling system_aliases router
>>> system_aliases router declined for geek [at] annuaire
>>> calling localuser router
>>> routed by localuser router
>>> ----------- end verify ------------
>>> require: condition test succeeded
>>> processing "deny"
>>> check spf = fail
>>> SPF result is unknown (permanent error) (7)
>>> deny: condition test failed
>>> processing "accept"
>>> accept: condition test succeeded
250 Accepted


Any help in order to resolve this problem will be appreciated.

--sam
--
TRS - Technologies Reseaux & Solutions (http://www.trstech.net)



-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com


peter at bowyer

Jul 14, 2008, 10:21 PM

Post #2 of 2 (1373 views)
Permalink
Re: Help of SPF Implementations on exim [In reply to]
2008/7/14 SODATONOU Dodji Comlan Samuel <sam [at] trstech>:
> Any help in order to resolve this problem will be appreciated.

You already started a thread on exim-users, which is where the experts
in Exim + SPF are. Best keep the conversation over there.

Peter


--
Peter Bowyer
Email: peter [at] bowyer
Follow me on Twitter: twitter.com/peeebeee


-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com

SPF discuss RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.