> On Jul 15, 2015, at 6:53 PM, Jeremiah Rothschild <jerem...@franz.com> wrote:
>
> On Wed, Jul 15, 2015 at 07:42:15PM -0500, David B Funk wrote:
>> On Wed, 15 Jul 2015, Jeremiah Rothschild wrote:
>>
>>> Hello,
>>>
>>> I am attempting to trigger SPF_FAIL (or SPF_HELO_FAIL) on a CentOS 6.6 box
>>> running SA 3.3.1-3. Upon funneling a message through SA, however, this is
>>> what is occurring:
>>>
>>> Jul 15 15:05:10.366 [7318] dbg: spf: checking HELO (helo=1.2.3.4,
>>> ip=5.6.7.8)
>>> Jul 15 15:05:10.366 [7318] dbg: spf: cannot check HELO of '1.2.3.4',
>>> skipping
>>>
>>> Any ideas on why the SPF plugin is not functioning as expected?
>>
>> Are you literally giving a HELO name of '1.2.3.4' or is that redaction-bait?
>> That '1.2.3.4' looks like a IPv4 address, not a FQDN host name.
>> HELO should be a host FQDN, not IP address.
>
> Ah. I didn't realize HELO had to be FQDN. Nice catch, David. Thanks!
HELO does not have to be a FQDN, an IP is acceptable.
o The domain name given in the EHLO command MUST be either a primary
host name (a domain name that resolves to an address RR) or, if
the host has no name, an address literal, as described in
Section 4.1.3 and discussed further in the EHLO discussion of
Section 4.1.4.
--
"Love is the triumph of imagination over intelligence." - H. L. Mencken
