Hi. I'm getting T_SPF_PERMERROR extremely often. Not exclusively, but
especially when spammers are faking my own domain names.
Here's an example from the good old xerox copier spam:
From cop...@nro.ca Fri May 26 08:26:18 2017
Return-Path: <cop...@nro.ca>
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on nro.ca
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=5.9 tests=T_SPF_PERMERROR
autolearn=disabled version=3.4.1
Received: from static.vnpt.vn (static.vnpt.vn [113.163.197.219] (may be
forged))
by nro.ca (8.15.2/8.15.2) with ESMTP id v4QCQGx7015855
for <remo...@nro.ca>; Fri, 26 May 2017 08:26:16 -0400
Date: Fri, 26 May 2017 19:26:08 +0700
From: "cop...@nro.ca" <cop...@nro.ca>
When I test with sfpquery the result is fail like you would expect.
spfquery -s mfrom --id cop...@nro.ca --ip 113.163.197.219
I've run external checks on my spf records and they seem fine (they haven't
changed in years), but this issue is not limited to my domains, other legit
mail from big domains has the same issue.
I built a clean new server back in March with SA 3.4.1 and Perl-5.24.1. All
my perl modules are up to date and the prerequisites seem to check out
except Mail-SPF-v2.9.0 It wouldn't install because it's failing tests. I had
to force it to install. spfquery worked so initially I thought maybe I was
okay.
The test failures are all returning temperror, along the lines of:
# Expected: 'none'
# Got: 'temperror'
# Expected: 'fail'
# Got: 'temperror'
That's a brief overview of the situation. If anyone has any hints about
where I should be looking or how I can test further it would be much
appreciated.
