Re: [exim] Weird SPF rejection - what can be the cause of it…

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MM 
MJeremy Harris at ->
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Old-Topics: [exim] Weird SPF rejection - what can be the cause ofit? (buiilt-in SPF handler in exim)
New-Topics: Re: [exim] Weird SPF rejection - what can be the cause ofit? (buiilt-in SPF handler in exim), Re: [exim] Weird SPF rejection - what can be the cause ofit? (buiilt-in SPF handler in exim)
Subject: Re: [exim] Weird SPF rejection - what can be the cause of it? (buiilt-in SPF handler in exim)
On 07/05/2020 23:34, Sebastian Nielsen via Exim-users wrote:
> I got the following weird SPF rejection in my logs (im using the built-in
> SPF handler in exim):
>
> 2020-05-07 11:14:35 H=mxcluster2.lansforsakringar.se [194.16.160.133]
> X=TLS1.2:ECDHE_SECP521R1__RSA_SHA512__AES_256_GCM:256 CV=no rejected MAIL
> <noreply@???>: SPF check failed: sebbe.eu: domain of
> lansforsakringar.se does not designate 194.16.160.133 as permitted sender

Running a query for that under the testsuite, and with debug, it seems
to pass: 

 ╭considering: ${lookup {noreply@???} spf {194.16.160.133}}
  ╭considering: noreply@???} spf {194.16.160.133}}
  ├──expanding: noreply@???
  ╰─────result: noreply@???
  ╭considering: 194.16.160.133}}
  ├──expanding: 194.16.160.133
  ╰─────result: 194.16.160.133
 search_open: spf "194.16.160.133"
spf_compile.c:523    Debug: Parsing macro starting at Please%_see%_http://www.openspf.org/Why?id=%{S}&ip=%{C}&receiver=%{R}
spf_compile.c:1210   Debug: Compiling record v=spf1 
 search_find: file="194.16.160.133"
   key="noreply@???" partial=-1 affix=NULL starflags=0 opts=NULL
 LRU list:
 internal_search_find: file="194.16.160.133"
   type=spf key="noreply@???" opts=NULL
 file lookup required for noreply@???
   in 194.16.160.133
spf_dns.c:52         Debug: DNS[cache] lookup: lansforsakringar.se SPF (99)
spf_dns.c:52         Debug: DNS[exim] lookup: lansforsakringar.se SPF (99)
spf_dns.c:66         Debug: DNS[exim] found record
spf_dns.c:67         Debug:     DOMAIN: lansforsakringar.se  TYPE: SPF (99)
spf_dns.c:70         Debug:     TTL: 0  RR found: 0  herrno: 4  source: exim
spf_dns.c:66         Debug: DNS[cache] found record
spf_dns.c:67         Debug:     DOMAIN: lansforsakringar.se  TYPE: SPF (99)
spf_dns.c:70         Debug:     TTL: 0  RR found: 0  herrno: 4  source: exim
spf_server.c:370     Debug: get_record(lansforsakringar.se): NO_DATA
spf_dns.c:52         Debug: DNS[cache] lookup: lansforsakringar.se TXT (16)
spf_dns.c:52         Debug: DNS[exim] lookup: lansforsakringar.se TXT (16)
DNS lookup of lansforsakringar.se (TXT) using fakens
fresh-exec forking for fakens-search
postfork: fakens-search
fresh-exec forked for fakens-search: 176697
fakens returned PASS_ON
passing lansforsakringar.se on to res_search()
DNS lookup of lansforsakringar.se (TXT) succeeded
spf_dns.c:66         Debug: DNS[exim] found record
spf_dns.c:67         Debug:     DOMAIN: lansforsakringar.se  TYPE: TXT (16)
spf_dns.c:70         Debug:     TTL: 3377  RR found: 1  herrno: 0  source: exim
spf_dns.c:94         Debug:     - TXT: v=spf1 mx -all
spf_dns.c:66         Debug: DNS[cache] found record
spf_dns.c:67         Debug:     DOMAIN: lansforsakringar.se  TYPE: TXT (16)
spf_dns.c:70         Debug:     TTL: 3377  RR found: 1  herrno: 0  source: exim
spf_dns.c:94         Debug:     - TXT: v=spf1 mx -all
spf_server.c:412     Debug: get_record(lansforsakringar.se): NETDB_SUCCESS
spf_server.c:457     Debug: found SPF record: v=spf1 mx -all
spf_compile.c:1210   Debug: Compiling record v=spf1 mx -all
spf_compile.c:1314   Debug: Name starts at  mx -all
spf_compile.c:1407   Debug: Adding mechanism type 2
spf_compile.c:846    Debug: SPF_c_mech_add: type=2, value= -all
spf_compile.c:1314   Debug: Name starts at  all
spf_compile.c:1407   Debug: Adding mechanism type 8
spf_compile.c:846    Debug: SPF_c_mech_add: type=8, value=
spf_dns.c:52         Debug: DNS[cache] lookup: lansforsakringar.se MX (15)
spf_dns.c:52         Debug: DNS[exim] lookup: lansforsakringar.se MX (15)
DNS lookup of lansforsakringar.se (MX) using fakens
fresh-exec forking for fakens-search
postfork: fakens-search
fresh-exec forked for fakens-search: 176698
fakens returned PASS_ON
passing lansforsakringar.se on to res_search()
DNS lookup of lansforsakringar.se (MX) succeeded
spf_dns.c:66         Debug: DNS[exim] found record
spf_dns.c:67         Debug:     DOMAIN: lansforsakringar.se  TYPE: MX (15)
spf_dns.c:70         Debug:     TTL: 3377  RR found: 4  herrno: 0  source: exim
spf_dns.c:90         Debug:     - MX: mxcluster2.lansforsakringar.se
spf_dns.c:90         Debug:     - MX: mxcluster1.lansforsakringar.se
spf_dns.c:90         Debug:     - MX: mxcluster4.lansforsakringar.se
spf_dns.c:90         Debug:     - MX: mxcluster3.lansforsakringar.se
spf_dns.c:66         Debug: DNS[cache] found record
spf_dns.c:67         Debug:     DOMAIN: lansforsakringar.se  TYPE: MX (15)
spf_dns.c:70         Debug:     TTL: 3377  RR found: 4  herrno: 0  source: exim
spf_dns.c:90         Debug:     - MX: mxcluster2.lansforsakringar.se
spf_dns.c:90         Debug:     - MX: mxcluster1.lansforsakringar.se
spf_dns.c:90         Debug:     - MX: mxcluster4.lansforsakringar.se
spf_dns.c:90         Debug:     - MX: mxcluster3.lansforsakringar.se
spf_interpret.c:823  Debug: found 4 MX records for lansforsakringar.se  (herrno: 0)
spf_dns.c:52         Debug: DNS[cache] lookup: mxcluster2.lansforsakringar.se A (1)
spf_dns.c:52         Debug: DNS[exim] lookup: mxcluster2.lansforsakringar.se A (1)
DNS lookup of mxcluster2.lansforsakringar.se (A) using fakens
fresh-exec forking for fakens-search
postfork: fakens-search
fresh-exec forked for fakens-search: 176699
fakens returned PASS_ON
passing mxcluster2.lansforsakringar.se on to res_search()
DNS lookup of mxcluster2.lansforsakringar.se (A) succeeded
spf_dns.c:66         Debug: DNS[exim] found record
spf_dns.c:67         Debug:     DOMAIN: mxcluster2.lansforsakringar.se  TYPE: A (1)
spf_dns.c:70         Debug:     TTL: 3378  RR found: 1  herrno: 0  source: exim
spf_dns.c:80         Debug:     - A: 194.16.160.133
spf_dns.c:66         Debug: DNS[cache] found record
spf_dns.c:67         Debug:     DOMAIN: mxcluster2.lansforsakringar.se  TYPE: A (1)
spf_dns.c:70         Debug:     TTL: 3378  RR found: 1  herrno: 0  source: exim
spf_dns.c:80         Debug:     - A: 194.16.160.133
spf_interpret.c:854  Debug: 0: found 1 A records for mxcluster2.lansforsakringar.se  (herrno: 0)
spf_interpret.c:489  Debug: ip_match:  194.16.160.133 == 194.16.160.133  (/32 255.255.255.255):  1
 (no errors)
 lookup yielded: pass
 ├──expanding: ${lookup {noreply@???} spf {194.16.160.133}}
 ╰─────result: pass
pass






How does the equivalent debug look on your system? If it is materially different,
how?

$ exim -d-all+expand+lookup+dns -be '${lookup {noreply@???} spf {194.16.160.133}}'


--
Cheers,
Jeremy

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] Weird SPF rejection - what can be the cause ofit? (buiilt-in SPF handler in exim)Re: [exim] Weird SPF rejection - what can be the cause ofit? (buiilt-in SPF handler in exim)->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)