Here is another example that I was able to isolate to a test file.
The debug looks like this:
[28763] dbg: plugin: registering glue method for check_hashcash_double_spend
(Mail::SpamAssassin::Plugin::Hashcash=HASH(0x98a6e80))
[28763] dbg: plugin: registering glue method for check_for_spf_helo_pass
(Mail::SpamAssassin::Plugin::SPF=HASH(0x9880c54))
[28763] dbg: spf: checking HELO (helo=BABY, ip=125.214.61.195)
[28763] dbg: spf: cannot check HELO of 'BABY', skipping
[28763] dbg: eval: all '*From' addrs: [EMAIL PROTECTED]
[28763] dbg: eval: forged-HELO: from= helo=baby by=uuserver.net
[28763] dbg: plugin: registering glue method for check_subject_in_blacklist
(Mail::SpamAssassin::Plugin::WhiteListSubject=HASH(0xa001140))
[28763] dbg: plugin: registering glue method for check_hashcash_value
(Mail::SpamAssassin::Plugin::Hashcash=HASH(0x98a6e80))
[28763] dbg: eval: trying Received header date for real time: 18 Jun 2006
03:05:08 -0500
[28763] dbg: eval: time_t from date=1150617908, rcvd= 18 Jun 2006 03:05:08
-0500
[28763] dbg: eval: trying Received header date for real time: 18 Jun 2006
03:04:28 -0500
[28763] dbg: eval: time_t from date=1150617868, rcvd= 18 Jun 2006 03:04:28
-0500
[28763] dbg: eval: all '*To' addrs: [EMAIL PROTECTED]
[28763] dbg: plugin: registering glue method for check_for_spf_neutral
(Mail::SpamAssassin::Plugin::SPF=HASH(0x9880c54))
[28763] dbg: spf: checking EnvelopeFrom (helo=BABY, ip=125.214.61.195,
[EMAIL PROTECTED])
[28763] dbg: spf: query for
[EMAIL PROTECTED]/125.214.61.195/BABY: result: softfail, comment:
[28763] dbg: plugin: registering glue method for check_for_spf_softfail
(Mail::SpamAssassin::Plugin::SPF=HASH(0x9880c54))
[28763] dbg: rules: ran eval rule SPF_SOFTFAIL ======> got hit
[28763] dbg: plugin: registering glue method for check_for_spf_pass
(Mail::SpamAssassin::Plugin::SPF=HASH(0x9880c54))
[28763] dbg: plugin: registering glue method for check_for_spf_helo_softfail
(Mail::SpamAssassin::Plugin::SPF=HASH(0x9880c54))
[28763] dbg: rules: ran eval rule __ENV_AND_HDR_FROM_MATCH ======> got hit
[28763] dbg: plugin: registering glue method for
check_for_def_spf_whitelist_from
(Mail::SpamAssassin::Plugin::SPF=HASH(0x9880c54))
[28763] dbg: spf: def_whitelist_from_spf: [EMAIL PROTECTED] is
not in DEF_WHITELIST_FROM_SPF
[28763] dbg: plugin: registering glue method for check_for_spf_fail
(Mail::SpamAssassin::Plugin::SPF=HASH(0x9880c54))
[28763] dbg: eval: date chosen from message: Sun Jun 18 03:04:28 2006
[28763] dbg: plugin: registering glue method for check_subject_in_whitelist
(Mail::SpamAssassin::Plugin::WhiteListSubject=HASH(0xa001140))
[28763] dbg: plugin: registering glue method for
check_for_spf_whitelist_from
(Mail::SpamAssassin::Plugin::SPF=HASH(0x9880c54))
[28763] dbg: spf: whitelist_from_spf: [EMAIL PROTECTED] is not in
user's WHITELIST_FROM_SPF
Headers:
>From [EMAIL PROTECTED] Mon Jun 19 00:44:04 2006
Return-Path: <[EMAIL PROTECTED]>
Received: from host.uuserver.net ([EMAIL PROTECTED])
by xxxx.org (8.12.11/8.12.11) with ESMTP id k5I8573c022877
for <[EMAIL PROTECTED]>; Sun, 18 Jun 2006 03:05:08 -0500
X-ClientAddr: 125.214.61.195
Received: from BABY ([125.214.61.195])
by host.uuserver.net (8.12.11/8.12.11) with ESMTP id k5I84QuC026169
for <[EMAIL PROTECTED]>; Sun, 18 Jun 2006 03:04:28 -0500
Report has this:
pts rule name description
---- ---------------------- -----------------------------------------
0.5 PLING_QUERY Subject has exclamation mark and question mark
1.4 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
[SPF failed: ]
-----Original Message-----
From: JamesDR [mailto:[EMAIL PROTECTED]
Sent: Sunday, June 18, 2006 05:16 PM
To: users@spamassassin.apache.org
Subject: Re: SPF SOFTFAIL definition
AFAIK, you would get nothing. Just like if any other DNS test would fail.
What spamassassin reports as *FAIL is not an indicator that DNS isn't
working. You would need to consult your logs and do some testing.
However, since this is a DNS lookup, this does add time to the scanning
(I've seen where this can add a lot of time..) I prefer to use SPF for
my whitelisting needs in SA, I block anything that hardfails at the
server level -- allowing SA to add points for a softfail. Keep in mind,
it seems most servers that implement SPF use softfail (~all).
HTH
--
Thanks,
JamesDR
