• If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Announcement

Collapse
No announcement yet.

Mail from backup server rejected by SPF rules

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Mail from backup server rejected by SPF rules

    Hi there,

    I have an issue with SPF and receiving email from my backup mailserver.

    I have a small family setup with only one email "server".
    I booked an email backup service on the internet which queues my emails in case my email server becomes unavailable.
    I now have the problem that when my server comes back up the backup server wants to deliver the queued emails but is rejected due to SPF errors.
    I had this issue before, but configured some rules around it.
    Unfortunately these rules don't seem to work any more with Axigen 10.1.4.

    Here is a sample log:

    Code:
      2017-08-29 11:31:24 +0000 08 mail SMTP-IN:00000004: [172.31.14.232:25] connection accepted from [208.80.120.11:51152]
      2017-08-29 11:31:24 +0000 08 mail SMTP-IN:00000004: Set smtp action to ACCEPT
      2017-08-29 11:31:24 +0000 08 mail SMTP-IN:00000004: Set smtp explanation to [Accept messages from Backup Server]
      2017-08-29 11:31:24 +0000 08 mail SMTP-IN:00000004: Wait for processing response at least 20 seconds
      2017-08-29 11:31:24 +0000 08 mail SMTP-IN:00000004: Set local delivery to all
      2017-08-29 11:31:24 +0000 08 mail SMTP-IN:00000004: Set remote delivery to auth
      2017-08-29 11:31:24 +0000 08 mail SMTP-IN:00000004: AuthMatchFrom is disabled
      2017-08-29 11:31:27 +0000 08 mail SMTP-IN:00000004: SPF result for MAIL FROM <v-deedcic_cemjcehmbd_ejaeceda_ejaeceda_a@bounce.hayhouse.mkt5657.com@bounce.hayhouse.mkt5657.com> issued from EHLO domain <mx1.dnsmadeeasy.com> connected from <208.80.120.11>: Fail (spfHeader = 'fail (bounce.hayhouse.mkt5657.com: domain of v-deedcic_cemjcehmbd_ejaeceda_ejaeceda_a@bounce.hayhouse.mkt5657.com does not designate 208.80.120.11 as permitted sender) client-ip=208.80.120.11; envelope-from=v-deedcic_cemjcehmbd_ejaeceda_ejaeceda_a@bounce.hayhouse.mkt5657.com; mechanism=default; identity=mailfrom; receiver=mail;'; spfExplanation = 'null')
      2017-08-29 11:31:27 +0000 08 mail SMTP-IN:00000004: Set smtp action to REJECT
      2017-08-29 11:31:27 +0000 08 mail SMTP-IN:00000004: Set smtp explanation to [SPF check failed for <mx1.dnsmadeeasy.com> with result <Fail>: <>]
      2017-08-29 11:31:27 +0000 08 mail SMTP-IN:00000004: Set SPF result to pass
      2017-08-29 11:31:27 +0000 08 mail SMTP-IN:00000004: Set mail state to REMOVED
      2017-08-29 11:31:27 +0000 08 mail SMTP-IN:00000004: Max errors reached; closing connection
      2017-08-29 11:31:27 +0000 08 mail SMTP-IN:00000004: closing session from [208.80.120.11:51152]
    and here is the configuration that worked before:

    smtpFilters.script


    Code:
     method exclude_backup_from_spf {
      if (
      anyOf (
      ipRange (remoteSmtpIP, "208.94.150.197-208.94.150.197"),
      ipRange (remoteSmtpIP, "208.80.120.10-208.80.120.10"),
      ipRange (remoteSmtpIP, "208.94.147.129-208.94.147.129"),
      ipRange (remoteSmtpIP, "208.80.120.11-208.80.120.11")
      )
      ) {
      set (smtpAction, "accept");
      set (smtpExplanation, "Accept messages from Backup Server");
      }
      }
      method excldude_backup_from_spf_2_11 {
      if (
      allOf (
      isCase (SPFResult, "fail"),
      ipRange (remoteSmtpIP, "208.80.120.11-208.80.120.11")
      )
      ) {
      set (SPFResult, "pass");
      }
      }
    Any help would be greatly appreciated.

    Thanks

  • #2
    Hello,

    For me it seems there are no problems related to SPF but there are some errors reported duirng the communication wth your backup server

    Code:
    Max errors reached; closing connection
    Please check again after you have increased the log level to Protocol Communication level for SMTP Receiving service. This should reveal any errors that should appear during the SMTP-IN sessions with your backup server.

    HTH,
    Ioan

    Comment


    • #3
      It is working now, I Had to change the smtp filter entry slightly, it now shows this:

      Code:
       method exclude_backup_from_spf_120_11 {
        if (
        allOf (
        isCase (SPFResult, "fail"),
        ipRange (remoteSmtpIP, "208.80.120.11-208.80.120.11")
        )
        ) {
        set (SPFResult, "pass");
        set (smtpAction, "accept");
        set (smtpExplanation, "Backup server override");
        }
        }
      So once I added the smtpaction accept is works.

      Comment


      • #4
        Hello,

        Glad to hear you find the way to fix the problem.

        BR,
        Ioan

        Comment

        Working...
        X