On 11/06/18 09:39, Matus UHLAR - fantomas wrote:
On 11.06.18 08:56, Sebastian Arcus wrote:
I am running SA 4.0.0-r1823176 on Perl 5.26.2. On a number of domains
I administer, outbound mail triggers the SPF_HELO_FAIL rule - but the
regular SPF check passes. I am struggling to see why this is
happening, as the HELO name is set to the same value as the name of
the server/dns name, it has rDNS - and it clearly passes during the
regular SPF check - but not the SPF_HELO check. I have re-checked the
domain settings at mxtoolbox.com - and there doesn't seem to be any
problem. Any ideas please?
do users use SMTP authentication?
Messages submitted over SMTP are authenticated. Other messages are
generated locally on the sending server and passed on the command line
to Exim. All messages hit SPF_HELO_FAIL
Is that visible in headers?
I'm not really sure. Which bit of the headers should contain the
authentication data?
# spamassassin -D 2>&1 < /test.eml | grep -i spf
we need to see the Received: header.
Sure:
Received: from mail.sinclair-accounting.co.uk ([80.229.84.190]:47700)
by mail.open-t.co.uk with esmtps
(TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
(Exim 4.90)
(envelope-from <email_removed>)
id 1fSIEL-0001Wn-P4
for email_removed; Mon, 11 Jun 2018 09:31:16 +0100
<DKIM header skipped>
Received: from jucara ([192.168.71.82])
by mail.sinclair-accounting.co.uk with esmtpsa
(TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128)
(Exim 4.90_1)
(envelope-from <email_removed>)
id 1fSIEG-0007bx-Lw
for email_removed; Mon, 11 Jun 2018 09:31:10 +0100
