Back to Community Threads
2
SPAM CHECK - SPF: it seems to fail without a reason
Problem reported by Gabriele Maoret - SERSIS - 9/29/2020 at 11:52 PM
Not A Problem
I have found that in SPAM CHECKS the SPF test often fails for no real reason. Example:

[2020.09.30] 07:01:04.256 [6594745] Running SPF check
[2020.09.30] 07:01:04.256 [6594745] SPF PermError. IP: 194.105.55.74, Sender: admin_meteotrentino.it@meteotrentino.it, FailReason: Multiple SPF records
[2020.09.30]     SPF Record: v=spf1 ip4:194.105.55.74 ip4:194.105.55.77 ~all
[2020.09.30] 07:01:04.256 [6594745] Finished SPF check; result = PermError


It seems to me that this check must be OK, instead it fails with PermError.

Why?
Gabriele Maoret - Head of SysAdmins at SERSIS
Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)

3 Replies

Reply to Thread
1
Sébastien Riccio Replied
9/30/2020 at 2:30 AM
Hello,

To be honest SM is handling it correctly here. The sender domain is bogus about SPF, it has two entries and this is not allowed.


So it's a SPF PermError and and when this happens it should be handled like there was no SPF for the domain.

Kind regards.
Sébastien Riccio System & Network Admin https://swisscenter.com
0
Gabriele Maoret - SERSIS Replied
9/30/2020 at 2:37 AM
Hi Sébastien! You are right...
It is my mistake not to have done the test in MXTOOLBOX before writing.

But this still leads to a problem of poor understanding of the LOG, as in the LOG you only see a single SPF entry and therefore it seems that the DNS configuration is correct and it is not clear why the SPF check goes wrong.
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
2
Sébastien Riccio Replied
9/30/2020 at 2:55 AM
Yes quite true. It does however says : FailReason: Multiple SPF records, what sent me to mxtoolbox to check if it was true :)

I think SM is not used to have multiple records so the log output of the spf records probably ends at the first "newline" therefore not showing the second record...

 Cheers
Sébastien Riccio System & Network Admin https://swisscenter.com
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Recommended SPAM SettingsSmarterMail > Antispam and Antivirus
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management
Cannot Send Email MessagesSmarterMail > Troubleshooting
Spam and Security Checks for IPv6 SystemsSmarterMail > Antispam and Antivirus
DMARC - In Simple TermsSmarterMail > Antispam and Antivirus