Exim4U General Discussion

Not authorized by SPF

classic Classic list List threaded Threaded
3 messages Options
Kebba Foon
Reply | Threaded
Open this post in threaded view
|

Not authorized by SPF

Kebba Foon
Dear list,

Am receiving below error for this particular user, i don't understand why spf is rejecting this address or how to white-list it from spf check:

2016-02-01 10:38:47 H=mail-wm0-f52.google.com [74.125.82.52] F=<[hidden email]> rejected RCPT <********@qcell.gm>: Sender address not permitted - SPF.: Not authorized by SPF

_______________________________________________
users mailing list
[hidden email]
https://exim4u.org/mailman/listinfo/users
Seidel, Michael
Reply | Threaded
Open this post in threaded view
|

Re: Not authorized by SPF

Seidel, Michael

Dear Kebba,

 

my guess is, that lighttec.com.eg have a misconfigured SPF record. (IF (!) they use Google services for their mail !) TXT record ->  "v=spf1 +a +mx +ip4:213.158.187.39 +ip4:213.158.187.0/24 -all"

 

So Google (with mail-wm0-f52.google.com [74.125.82.52] ) is sending on behalf of lighttec.com.eg which is not included in their SPF record, so your mail server is telling you, that something is wrong here and blocks it.

 

So: might be SPAM, might be misconfiguration on lighttec.com.eg side. But your config is OK.

 

Kind regards,

 

Michael Seidel

Systemadministrator

FAI rent-a-jet AG

http://www.fai.ag/

 

-----Ursprüngliche Nachricht-----
Von: users [mailto:[hidden email]] Im Auftrag von Kebba Foon
Gesendet: Montag, 1. Februar 2016 13:06
An: [hidden email]
Betreff: [Exim4U] Not authorized by SPF

 

Dear list,

 

Am receiving below error for this particular user, i don't understand why spf is rejecting this address or how to white-list it from spf check:

 

2016-02-01 10:38:47 H=mail-wm0-f52.google.com [74.125.82.52] F=<[hidden email]> rejected RCPT <[hidden email]>: Sender address not permitted - SPF.: Not authorized by SPF

 

_______________________________________________

users mailing list

[hidden email]

https://exim4u.org/mailman/listinfo/users


_______________________________________________
users mailing list
[hidden email]
https://exim4u.org/mailman/listinfo/users
gldickens3
Reply | Threaded
Open this post in threaded view
|

Re: Not authorized by SPF

gldickens3
Administrator
Hi Keba,

Michael is correct. You can lookup that domains spf record with:

dig txt lighttec.com.eg

Which yields:

"v=spf1 +a +mx +ip4:213.158.187.39 +ip4:213.158.187.0/24 -all"

The "-all" requires strict spf compliance.  That spf record instructs mail servers to reject all mail for that domain which does not originate from the listed server IP addresses.  So, I bet that the user is sending mail through another smtp server other than these IP addresses which would require your server to reject the email.

Very few servers have a strict spf policy and I would advise against it since its generally a bad idea and will cause this problem.  My advice is that spf records should include either "+all" (Pass), "~all" (softfail) or "?all" (neutral) but never "-all" (Fail).

See: http://www.openspf.org/SPF_Record_Syntax

For example, most of my server records are setup for "~all".

If you prefer, you can also disable spf checks on your Exim4U server by simply commenting out all references to spf in /etc/exim/exim.conf.

FYI,

Gordon




On 02/01/2016 07:26 AM, Seidel, Michael wrote:

Dear Kebba,

 

my guess is, that lighttec.com.eg have a misconfigured SPF record. (IF (!) they use Google services for their mail !) TXT record ->  "v=spf1 +a +mx +ip4:213.158.187.39 +ip4:213.158.187.0/24 -all"

 

So Google (with mail-wm0-f52.google.com [74.125.82.52] ) is sending on behalf of lighttec.com.eg which is not included in their SPF record, so your mail server is telling you, that something is wrong here and blocks it.

 

So: might be SPAM, might be misconfiguration on lighttec.com.eg side. But your config is OK.

 

Kind regards,

 

Michael Seidel

Systemadministrator

FAI rent-a-jet AG

http://www.fai.ag/

 

-----Ursprüngliche Nachricht-----
Von: users [[hidden email]] Im Auftrag von Kebba Foon
Gesendet: Montag, 1. Februar 2016 13:06
An: [hidden email]
Betreff: [Exim4U] Not authorized by SPF

 

Dear list,

 

Am receiving below error for this particular user, i don't understand why spf is rejecting this address or how to white-list it from spf check:

 

2016-02-01 10:38:47 H=mail-wm0-f52.google.com [74.125.82.52] F=<[hidden email]> rejected RCPT <[hidden email]>: Sender address not permitted - SPF.: Not authorized by SPF

 

_______________________________________________

users mailing list

[hidden email]

https://exim4u.org/mailman/listinfo/users



_______________________________________________
users mailing list
[hidden email]
https://exim4u.org/mailman/listinfo/users


_______________________________________________
users mailing list
[hidden email]
https://exim4u.org/mailman/listinfo/users
Free forum by Nabble Edit this page