ram wrote: > I find the spamassassin's SPF checks extremely unreliable. A lot of > times I get SPF Fail of SPF Neutral for the same sender domain and IP > address. While it is supposed to pass > > The same mail shows SPF pass when I run SA on commandline > > Is there something wrong with my configuration ? I use spamassassin > 3.1.5 with MailScanner > Note: unless you've got a distribution-patched version, SA 3.1.5 is vulnerable to a DoS attack caused by over-long URLs in the message body. You should check to make sure you're not vulnerable here.
http://spamassassin.apache.org/advisories/cve-2007-0451.txt Personally, I've not encountered this problem with SPF and I use MailScanner with SA 3.1.8. However, the part that sticks out to me most isn't the difference caused by using the command-line tool. The difference that sticks out to me is that these occur at different times, which makes a big difference for network tests? Any chance the DNS records for the sending domain are sometimes unavailable? Or that the first DNS server in your /etc/resolv.conf isn't always reliable? (Net::DNS which SA uses is well known to not use your secondary DNS server in the event the primary fails, which is one reason why it is recommended to have a simple caching DNS server on the same box SA is running on.)
