[Pkg-exim4-users] Does sa-exim block the use of the SPF ACL?
Steinar Bang
sb at dod.no
Tue Aug 17 10:16:30 UTC 2010
>>>>> Steinar Bang <sb at dod.no>:
> So I guess that SPF is now working. Only not for my own domain.
> Which means that there is something wrong with my DNS SPF records...?
The answer is that I had set up the SPF for "softfail"
It was
mydomain.no. 86400 IN TXT "v=spf1 mx ~all"
but is now
mydomain.no. 86400 IN TXT "v=spf1 mx -all"
When creating the original record I just followed the wizard at
"Deploying SPF" on http://www.openspf.org/ and pasted the results into
the bind zone file. And a soft fail was what it created.
Later reading seems to indicate that there should be an SPF record type,
rather than misusing the TXT record type. But I don't know if the BIND
that publishes my zone file supports that.
So.. right now there are two handlers of SPF: exim itself and
sa-exim/spamassassin. I guess sa-exim never sees it, since exim now
rejects SPF failures...? Are there downsides to letting exim4 handle
SPF failures directly? Would I be better off letting
sa-exim/spamassassin handle SPF failures?
Thanx!
- Steinar
More information about the Pkg-exim4-users
mailing list