Seems de dmx.net / dmx.de SPF is broken: > set type=TXT > gmx.net Server: 10.10.21.4 Address: 10.10.21.4#53 Non-authoritative answer: gmx.net text = "v=spf1 ip4:213.165.64.0/23 -all" Authoritative answers can be found from: > gmx.de Server: 10.10.21.4 Address: 10.10.21.4#53 Non-authoritative answer: gmx.de text = "v=spf1 ip4:213.165.64.0/23 -all" Authoritative answers can be found from:
this does not include: Received: from pD9E05917.dip.t-dialin.net (EHLO [223.1.1.128]) > [217.224.89.23] The managers of the dmx.de / dmx.net should strip that header to make their SPF record ok, or include their dial-up users IP addresses. -Sietse From: Bret Miller Sent: Mon 18-Dec-06 17:41 To: Jan Doberstein; users@spamassassin.apache.org Subject: RE: SPF detection making mistakes > i'm getting some problems with the spamassassin spf modul > (Mail::SpamAssassin::Plugin::SPF) maybe i can resolve this problem by > asking the list. > > Please take a look at this header: > > > ----------- start cut ----------- > Return-path: <[EMAIL PROTECTED]> > Delivery-date: Sun, 17 Dec 2006 10:45:20 +0100 > Received: by wp030.webpack.hosteurope.de running Exim 4.43 using esmtp > from mi012.mc1.hosteurope.de ([80.237.138.243]); > id 1Gvsa8-0007VG-JW; Sun, 17 Dec 2006 10:45:20 +0100 > Received: by mx0.webpack.hosteurope.de (80.237.138.5, > mi012.mc1.hosteurope.de) running EXperimental Internet Mailer > (even more > power) using smtp > from mail.gmx.net ([213.165.64.20]) > id 1Gvsa6-0005C2-As > for [EMAIL PROTECTED]; Sun, 17 Dec 2006 10:45:20 +0100 > Received: (qmail invoked by alias); 17 Dec 2006 09:45:18 -0000 > Received: from pD9E05917.dip.t-dialin.net (EHLO [223.1.1.128]) > [217.224.89.23] > by mail.gmx.net (mp034) with SMTP; 17 Dec 2006 10:45:18 +0100 > X-Authenticated: #202980 > From: "just a name" <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Date: Sun, 17 Dec 2006 10:45:33 +0100 > MIME-Version: 1.0 > Subject: test > Reply-to: [EMAIL PROTECTED] > Message-ID: <[EMAIL PROTECTED]> > Priority: normal > X-mailer: Pegasus Mail for Windows (4.41) > Content-type: text/plain; charset=ISO-8859-1 > Content-transfer-encoding: Quoted-printable > Content-description: Mail message body > X-Y-GMX-Trusted: 0 > X-HE-Virus-Scanned: yes > X-HE-Spam-Level: ++ > X-HE-Spam-Score: 2.5 > X-HE-Spam-Report: Content analysis details: (2.5 points) > > pts rule name description > --- ---- -------------- -------------------------------------- > 2.1 HELO_DYNAMIC_DIALIN Relay HELO'd using suspicious > hostname (T-Dialin) > 0.2 SPF_FAIL SPF: sender does not match SPF record (fail) > [SPF failed: Please see > http://spf.pobox.com/why.html?sender=xxx%40gmx.de&ip=223.1.1.12 > 8&receiver=mi012.mc1.hosteurope.de] Huh?? 223.1.1.12? Is 213.165.64.20 part of your trusted networks? Actually the doc for the SPF module says "trusted_networks" but shouldn't it be checking "internal_networks" instead? Anyway, it fails because it's checking the wrong IP because it thinks you received it at one stage earlier that you did. That's likely because either or both of trusted_networks and internal_networks are not correctly set. HTH, Bret > 0.2 RCVD_ILLEGAL_IP Received: contains illegal IP address > > Envelope-to: [EMAIL PROTECTED] > > ----------- end cut ----------- > > > As you can see, the spf check fail, but in my understanding if should > pass without a failure. > > This mail was sent via dial-in and smtp-auth ... how can i modify the > spf modul that this will check this kind of header correct ? > > > Thanks for help. > > \jd > >
