/var/log/old/mail.log-20121219.gz:
...
Dec 18 20:12:33 gaugino postfix/smtpd[1954]: Anonymous TLS connection
established from ch1gmehub08.msn.com[207.46.200.12]: TLSv1 with cipher
AES128-SHA (128/128 bits)
Dec 18 20:12:34 gaugino policyd-spf[1956]:
spfcheck: pyspf result: "['None', '', 'helo']"
Dec 18 20:12:34 gaugino policyd-spf[1956]: None; identity=helo;
client-ip=207.46.200.12; helo=smtpi.msn.com;
envelope-from=account-security-nore...@microsoft.com;
receiver=anton@van<cut>
Dec 18 20:12:34 gaugino policyd-spf[1956]: spfcheck: pyspf result:
"['Permerror', 'SPF Permanent Error: Too many DNS lookups',
'mailfrom']"
Dec 18 20:12:34 gaugino policyd-spf[1956]: Permerror;
identity=mailfrom; client-ip=207.46.200.12; helo=smtpi.msn.com;
envelope-from=account-security-nore...@microsoft.com;
receiver=anton@van<cut>
Dec 18 20:12:34 gaugino dkimproxy.in[16897]: connect from 127.0.0.1
Dec 18 20:12:34 gaugino postfix/smtpd[1957]: initializing the
server-side TLS engine
Dec 18 20:12:34 gaugino postfix/smtpd[1957]: connect from
localhost[127.0.0.1]
Dec 18 20:12:34 gaugino postfix/smtpd[1954]: warning: proxy
127.0.0.1:10025 rejected "MAIL
FROM:<account-security-nore...@microsoft.com> SIZE=5696 AUTH=<>": "555
5.5.4 Unsupported option: AUTH=<>"
Dec 18 20:12:34 gaugino postfix/smtpd[1954]: disconnect from
ch1gmehub08.msn.com[207.46.200.12]
...
mail.log:
...
Nov 8 19:07:29 gaugino postfix/smtpd[25695]:
smtp3.versatel.nl[62.58.50.90]: save session
480C389F650B00DC8F5A871D506414D2EDD3EFE7194D171F10BF80CB90090288&s=smtp to
smtpd cache
Nov 8 19:07:29 gaugino postfix/tlsmgr[11620]: put smtpd session
id=480C389F650B00DC8F5A871D506414D2EDD3EFE7194D171F10BF80CB90090288&s=smtp
[data 127 bytes]
Nov 8 19:07:29 gaugino postfix/tlsmgr[11620]: write smtpd TLS cache entry
480C389F650B00DC8F5A871D506414D2EDD3EFE7194D171F10BF80CB90090288&s=smtp:
time=1352401649 [data 127 bytes]
Nov 8 19:07:29 gaugino postfix/smtpd[25695]: Anonymous TLS connection
established from smtp3.versatel.nl[62.58.50.90]: TLSv1 with cipher
DHE-RSA-AES256-SHA (256/256 bits)
Nov 8 19:07:29 gaugino policyd-spf[25698]: spfcheck: pyspf result:
"['None', '', 'helo']"
Nov 8 19:07:29 gaugino policyd-spf[25698]: None; identity=helo;
client-ip=62.58.50.90; helo=smtp3.versatel.nl;
envelope-from=<cut>@zonnet.nl; receiver=anton@<cut>
Nov 8 19:07:29 gaugino policyd-spf[25698]: spfcheck: pyspf result:
"['None', '', 'mailfrom']"
Nov 8 19:07:29 gaugino policyd-spf[25698]: None; identity=mailfrom;
client-ip=62.58.50.90; helo=smtp3.versatel.nl;
envelope-from=<cut>@zonnet.nl; receiver=anton@<cut>
Nov 8 19:07:29 gaugino dkimproxy.in[10228]: connect from 127.0.0.1
Nov 8 19:07:29 gaugino postfix/smtpd[25699]: initializing the server-side
TLS engine
Nov 8 19:07:29 gaugino postfix/smtpd[25699]: connect from
localhost[127.0.0.1]
Nov 8 19:07:29 gaugino postfix/smtpd[25695]: warning: proxy
127.0.0.1:10025 rejected "MAIL FROM:<<cut>@zonnet.nl> SIZE=19064
AUTH=<<cut>@zonnet.nl>": "555 5.5.4 Unsupported option:
AUTH=<<cut>@zonnnet.nl>"
Nov 8 19:07:29 gaugino postfix/smtpd[25695]: disconnect from
smtp3.versatel.nl[62.58.50.90]
...
Is microsoft.com and versatel.nl sending mail with invalid AUTH?
What means: "SPF Permanent Error: Too many DNS lookups'"?
Am I doing something wrong?
Kind regards,
Jaap van Wingerde.
jaap@gaugino:~$ sudo postconf -n
[sudo] password for jaap:
2bounce_notice_recipient = postmaster
alias_maps = hash:/etc/aliases
allow_min_user = no
allow_untrusted_routing = no
append_dot_mydomain = no
biff = no
bounce_notice_recipient = postmaster
bounce_queue_lifetime = 30d
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
defer_transports = etrn-only
delay_notice_recipient = postmaster
delay_warning_time = 0
disable_vrfy_command = yes
fast_flush_domains = mail.custard.shrl.nl
html_directory = /usr/share/doc/postfix/html
inet_interfaces = 94.142.<cut>, [2a02:898:62:<cut>
inet_protocols = all
local_destination_concurrency_limit = 2
luser_relay = postmaster
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
maximal_backoff_time = 300s
maximal_queue_lifetime = 30d
message_size_limit = 67108864
minimal_backoff_time = 60s
mydestination = <cut>
mydomain = <cut>.nl
myhostname = <cut>.nl
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 [2a02:898:62:<cut>
myorigin = <cut>.nl
notify_classes = 2bounce, delay, resource, software
queue_run_delay = 60s
readme_directory = /usr/share/doc/postfix
recipient_bcc_maps = hash:/etc/postfix/recipient_bcc_maps
recipient_delimiter = +
relay_domains = $mydestination
sender_bcc_maps = hash:/etc/postfix/sender_bcc_maps
smtp_bind_address6 = 2a02:898:62:<cut>
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_starttls_timeout = 300s
smtp_tls_loglevel = 2
smtp_tls_note_starttls_offer = yes
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_session_cache_timeout = 3600s
smtpd_banner = $myhostname ESMTP NO UCE
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_etrn_restrictions = permit_mynetworks, reject
smtpd_helo_required = yes
smtpd_recipient_restrictions = reject_invalid_hostname,
reject_non_fqdn_hostname, reject_non_fqdn_sender,
reject_non_fqdn_recipient, reject_unknown_recipient_domain,
permit_mynetworks,
permit_sasl_authenticated,reject_unauth_destination,
check_sender_access hash:/etc/postfix/sender_access,
check_helo_access hash:/etc/postfix/helo_checks,
check_policy_service unix:private/policyd-spf, reject_rbl_client
cbl.abuseat.org, reject_rbl_client zen.spamhaus.org, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_starttls_timeout = 300s
smtpd_tls_always_issue_session_ids = yes
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/ssl.cert
smtpd_tls_key_file = /etc/postfix/ssl.pem
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
tls_daemon_random_bytes = 32
tls_random_bytes = 32
tls_random_reseed_period = 3600s
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
virtual_alias_domains = <cut>
virtual_alias_maps = hash:/etc/postfix/virtual
jaap@gaugino:~$
