SPF Engine

postfix-policyd-spf-python

Asked by Dino Edwards

Hi,

I have an issue about a rejected e-mail due to SPF fail. Our e-mail server rejected a message with the following error:

NOQUEUE: reject: RCPT from smtp15-ia5-sp1.mta.salesforce.com[13.110.78.238]: 550 5.7.23 : Recipient address rejected: Message rejected due to: SPF fail - not authorized. Please see http://www.openspf.net/Why?s=mfrom;<email address hidden>;ip=13.110.78.238;r=; from= to= proto=ESMTP helo=

The sender insisted that their SPF record was setup correctly. After looking into it, I saw that their SPF record was using macros. I asked in the postfix-users mailing list if postfix-policyd-spf-python supported SPF macros and Scott K responded that it did indeed support macros. I tested the IP address of the rejected e-mail on https://kitterman.com/spf/validate.html and it passed.

So, I'm just trying to figure out why it got rejected by SPF.

Thanks in advance.

Question information

Language:
English Edit question
Status:
Answered
For:
SPF Engine Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Scott Kitterman (kitterman) said : 		#1

Both the policy server and the web validator use pyspf for SPF processing, so they should, in theory, get the same result. With macros it is very difficult to tell if a particular IP address should pass or not. Here's what they have:

v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com

Presumably pphosted has a database backed that is updated with their list of valid IP address/domain combinations. My guess is that pphosted had an error in their database, which has since been fixed, but that's a guess. There's no way to tell for sure.

Revision history for this message
Kilian Ries (discostur) said : 		#2
Revision history for this message
Kilian Ries (discostur) said : 		#3

Hi,

just had exact the same problem and can't see any error in the setup ... the situation is the following:

# Postfix error:
policyd-spf[2116106]: 550 5.7.23 Message rejected due to: SPF fail - not authorized. Please see http://www.openspf.net/Why?s=mfrom;<email address hidden>;ip=207.54.65.231;r=<UNKNOWN>

postfix/smtpd[2116102]: NOQUEUE: reject: RCPT from esa12.hc210-93.eu.iphmx.com[207.54.65.231]: 550 5.7.23 <email address hidden>: Recipient address rejected: Message rejected due to: SPF fail - not authorized. Please see http://www.openspf.net/Why?s=mfrom;<email address hidden>;ip=207.54.65.231;r=<UNKNOWN>; from=<email address hidden> to=<email address hidden> proto=ESMTP helo=<esa12.hc210-93.eu.iphmx.com>

# SPF lookup:
https://www.spf-record.de/spf-lookup/unicredit.de?ip=207.54.69.114&opt_out=on

# SPF test on kitterman's website:
Mail sent from this IP address: 207.54.65.231
Mail from (Sender): <email address hidden>
Mail checked using this SPF policy: v=spf1 exists:%{i}.spf.hc210-93.eu.iphmx.com
Results - PASS sender SPF authorized

# Manually test SPF macro:
$ dig 207.54.65.231.spf.hc210-93.eu.iphmx.com

;; ANSWER SECTION:
207.54.65.231.spf.hc210-93.eu.iphmx.com. 1403 IN A 127.0.0.2

# Script version:
__version__ = "2.0.2"
__date__ = "2017-12-14"

# pyspf version
python3-pyspf-2.0.14-8.el8.noarch

Looks all good to me and i don't know why policyd-spf is rejection the mail ... Any ideas?

Thanks

Can you help with this problem?

Provide an answer of your own, or ask Dino Edwards for more information if necessary.

To post a message you must log in.