Re: [exim] Weird SPF rejection - what can be the cause ofi…

Top Page
Delete this message
Reply to this message
Author: Sebastian Nielsen
Date:  
To: exim-users
Old-Topics: Re: [exim] Weird SPF rejection - what can be the cause of it? (buiilt-in SPF handler in exim)
New-Topics: Re: [exim] Weird SPF rejection - what can be the cause of it? (buiilt-in SPF handler in exim)
Subject: Re: [exim] Weird SPF rejection - what can be the cause ofit? (buiilt-in SPF handler in exim)
Now I did that, and STRAIGHT AFTER, the first SPF debug query you gave me.
They give different results about MX for lansforsakringar.se, apparently dnsdb and spf isn't in agreement of whats MX for lansforsakringar.se and the weirdness is that I don't have this trouble with other domain:


root@sebastian-desktop:/etc/init.d# exim -d-all+expand+lookup+dns -be '${lookup dnsdb {mx=lansforsakringar.se}}'
Exim version 4.93 uid=0 gid=0 pid=3333014 D=10120
Support for: crypteq iconv() IPv6 Perl GnuTLS move_frozen_messages Content_Scanning DANE DKIM DNSSEC Event I18N OCSP SPF DMARC TCP_Fast_Open Experimental_DSN_info
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch passwd
Authenticators: cram_md5 cyrus_sasl dovecot external plaintext spa tls
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply pipe smtp
Malware: clamd sock cmdline
Fixed never_users: 0
Configure owner: 1001:1001
Size of off_t: 8
Compiler: GCC [9.3.0]
Library version: Glibc: Compile: 2.31
                        Runtime: 2.31
Library version: BDB: Compile: Berkeley DB 5.3.28: (September  9, 2013)
                      Runtime: Berkeley DB 5.3.28: (September  9, 2013)
Library version: GnuTLS: Compile: 3.6.13
                         Runtime: 3.6.13
Library version: IDN2: Compile: 2.2.0
                       Runtime: 2.2.0
Library version: Stringprep: Compile: 1.33
                             Runtime: 1.33
Library version: Cyrus SASL: Compile: 2.1.27
                             Runtime: 2.1.27 [Cyrus SASL]
Library version: PCRE: Compile: 8.39
                       Runtime: 8.39 2016-06-14
Total 12 lookups
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST unset
adding PATH=/bin:/usr/bin
configuration file is /etc/exim4/exim4.conf
log selectors = 0000cffc 19005022 00000007
trusted user
admin user
dropping to exim gid; retaining priv uid
 ╭considering: ${lookup dnsdb {mx=lansforsakringar.se}}
  ╭considering: mx=lansforsakringar.se}}
  ├──expanding: mx=lansforsakringar.se
  ╰─────result: mx=lansforsakringar.se
 search_open: dnsdb "NULL"
 search_find: file="NULL"
   key="mx=lansforsakringar.se" partial=-1 affix=NULL starflags=0
 LRU list:
 internal_search_find: file="NULL"
   type=dnsdb key="mx=lansforsakringar.se"
 database lookup required for mx=lansforsakringar.se
 dnsdb key: lansforsakringar.se
DNS lookup of lansforsakringar.se (MX) succeeded
 lookup yielded: 10 mxcluster1.lansforsakringar.se
 20 mxcluster4.lansforsakringar.se
 10 mxcluster3.lansforsakringar.se
 20 mxcluster2.lansforsakringar.se
 ├──expanding: ${lookup dnsdb {mx=lansforsakringar.se}}
 ╰─────result: 10 mxcluster1.lansforsakringar.se
 20 mxcluster4.lansforsakringar.se
 10 mxcluster3.lansforsakringar.se
 20 mxcluster2.lansforsakringar.se
10 mxcluster1.lansforsakringar.se
20 mxcluster4.lansforsakringar.se
10 mxcluster3.lansforsakringar.se
20 mxcluster2.lansforsakringar.se
search_tidyup called

>>>>>>>>>>>>>>>> Exim pid=3333014 (main: expansion test) terminating with rc=0 >>>>>>>>>>>>>>>>

root@sebastian-desktop:/etc/init.d# exim -d-all+expand+lookup+dns -be '${lookup {noreply@???} spf {194.16.160.133}}'
Exim version 4.93 uid=0 gid=0 pid=3333019 D=10120
Support for: crypteq iconv() IPv6 Perl GnuTLS move_frozen_messages Content_Scanning DANE DKIM DNSSEC Event I18N OCSP SPF DMARC TCP_Fast_Open Experimental_DSN_info
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch passwd
Authenticators: cram_md5 cyrus_sasl dovecot external plaintext spa tls
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply pipe smtp
Malware: clamd sock cmdline
Fixed never_users: 0
Configure owner: 1001:1001
Size of off_t: 8
Compiler: GCC [9.3.0]
Library version: Glibc: Compile: 2.31
                        Runtime: 2.31
Library version: BDB: Compile: Berkeley DB 5.3.28: (September  9, 2013)
                      Runtime: Berkeley DB 5.3.28: (September  9, 2013)
Library version: GnuTLS: Compile: 3.6.13
                         Runtime: 3.6.13
Library version: IDN2: Compile: 2.2.0
                       Runtime: 2.2.0
Library version: Stringprep: Compile: 1.33
                             Runtime: 1.33
Library version: Cyrus SASL: Compile: 2.1.27
                             Runtime: 2.1.27 [Cyrus SASL]
Library version: PCRE: Compile: 8.39
                       Runtime: 8.39 2016-06-14
Total 12 lookups
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST unset
adding PATH=/bin:/usr/bin
configuration file is /etc/exim4/exim4.conf
log selectors = 0000cffc 19005022 00000007
trusted user
admin user
dropping to exim gid; retaining priv uid
 ╭considering: ${lookup {noreply@???} spf {194.16.160.133}}
  ╭considering: noreply@???} spf {194.16.160.133}}
  ├──expanding: noreply@???
  ╰─────result: noreply@???
  ╭considering: 194.16.160.133}}
  ├──expanding: 194.16.160.133
  ╰─────result: 194.16.160.133
 search_open: spf "194.16.160.133"
spf_compile.c:523    Debug: Parsing macro starting at Please%_see%_http://www.openspf.org/Why?id=%{S}&ip=%{C}&receiver=%{R}
spf_compile.c:1210   Debug: Compiling record v=spf1
 search_find: file="194.16.160.133"
   key="noreply@???" partial=-1 affix=NULL starflags=0
 LRU list:
 internal_search_find: file="194.16.160.133"
   type=spf key="noreply@???"
 file lookup required for noreply@???
   in 194.16.160.133
spf_dns.c:52         Debug: DNS[cache] lookup: lansforsakringar.se TXT (16)
spf_dns.c:52         Debug: DNS[exim] lookup: lansforsakringar.se TXT (16)
DNS lookup of lansforsakringar.se (TXT) succeeded
spf_dns.c:66         Debug: DNS[exim] found record
spf_dns.c:67         Debug:     DOMAIN: lansforsakringar.se  TYPE: TXT (16)
spf_dns.c:70         Debug:     TTL: 3600  RR found: 1  herrno: 0  source: exim
spf_dns.c:94         Debug:     - TXT: v=spf1 mx -all
spf_dns.c:66         Debug: DNS[cache] found record
spf_dns.c:67         Debug:     DOMAIN: lansforsakringar.se  TYPE: TXT (16)
spf_dns.c:70         Debug:     TTL: 3600  RR found: 1  herrno: 0  source: exim
spf_dns.c:94         Debug:     - TXT: v=spf1 mx -all
spf_server.c:402     Debug: get_record(lansforsakringar.se): NETDB_SUCCESS
spf_server.c:443     Debug: found SPF record: v=spf1 mx -all
spf_compile.c:1210   Debug: Compiling record v=spf1 mx -all
spf_compile.c:1314   Debug: Name starts at  mx -all
spf_compile.c:1407   Debug: Adding mechanism type 2
spf_compile.c:846    Debug: SPF_c_mech_add: type=2, value= -all
spf_compile.c:1314   Debug: Name starts at  all
spf_compile.c:1407   Debug: Adding mechanism type 8
spf_compile.c:846    Debug: SPF_c_mech_add: type=8, value=
spf_dns.c:52         Debug: DNS[cache] lookup: lansforsakringar.se MX (15)
spf_dns.c:52         Debug: DNS[exim] lookup: lansforsakringar.se MX (15)
DNS lookup of lansforsakringar.se (MX) succeeded
spf_dns.c:66         Debug: DNS[exim] found record
spf_dns.c:67         Debug:     DOMAIN: (null)  TYPE: ANY (255)
spf_dns.c:70         Debug:     TTL: 86400  RR found: 0  herrno: 1  source: exim
spf_dns.c:66         Debug: DNS[cache] found record
spf_dns.c:67         Debug:     DOMAIN: (null)  TYPE: ANY (255)
spf_dns.c:70         Debug:     TTL: 86400  RR found: 0  herrno: 1  source: exim
spf_interpret.c:823  Debug: found 0 MX records for lansforsakringar.se  (herrno: 1)
 lookup yielded: fail
 ├──expanding: ${lookup {noreply@???} spf {194.16.160.133}}
 ╰─────result: fail
            ╰──(tainted)
fail
search_tidyup called

>>>>>>>>>>>>>>>> Exim pid=3333019 (main: expansion test) terminating with rc=0 >>>>>>>>>>>>>>>>

root@sebastian-desktop:/etc/init.d#


-----Ursprungligt meddelande-----
Från: Jeremy Harris via Exim-users <exim-users@???>
Skickat: den 8 maj 2020 01:49
Till: exim-users@???
Ämne: Re: [exim] Weird SPF rejection - what can be the cause of it? (buiilt-in SPF handler in exim)

On 08/05/2020 00:18, Sebastian Nielsen via Exim-users wrote:
> spf_interpret.c:823 Debug: found 0 MX records for lansforsakringar.se (herrno: 1)


It got that and stopped. Yet when you used "dig" it worked...
Try the debug for exim doing an MX lookup:

'${lookup dnsdb {mx=lansforsakringar.se}}'

--
Cheers,
Jeremy

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/