Sam Varshavchik <mrs...@courier-mta.com> writes:
Lloyd Zusman writes:
Yes, I am using "=all" with all three of them.
bofh settings:
opt BOFHSPFHELO=all
opt BOFHSPFMAILFROM=all
opt BOFHSPFFROM=all
From error log (lines manually wrapped):
Jan 25 01:29:03 courieresmtpd: started,ip=[::ffff:65.19.161.222]
Jan 25 01:29:11 courieresmtpd: error,relay=::ffff:65.19.161.222,
from=<supp...@redwoodvirtual.com>: 517 SPF fail
supp...@redwoodvirtual.com: Maximum of 20 nested SPF queries exceeded.
Works for me -- I just tested (with opt BOFHSPFMAILFROM=all, this is the
setting that controls checking of the MAIL FROM
Look for spurious whitespace, etcâ¦
My courierfilters are running, and they are properly handling
courierfilters are not involved with SPF checking. All SPF stuff
happens long before courierfilters get involved.
But what about these two cases, both of which refer to the case where
all three variables are set to "all", and where there is a courierfilter
that is controlled by /var/spool/courier/filters.
1. a message comes in for which SPF fails, and there are no maildrop
whitelisting rules, and the message therefore gets sent to
a courierfilter
2. a message comes in for which SPF fails, and there ARE matching
maildrop whitelisting rules which then cause the courierfilter step
to be bypassed (because it's controlled by
/var/spool/courier/filters).
In case 1, it's clear that the message will be (or at least _should_
be) sent on to the courierfilter.
But what about case 2? The message won't be sent to the courierfilter,
so is there then a possibility that the SPF fail will cause a 517
message to be returned to the sender, after all?
Thanks.
17 messages in net.sourceforge.lists.courier-users[courier-users] Re: Completely turnin...
