[Pkg-exim4-users] SPF, update for the default example & documentation
Gijs Hillenius
gijs at hillenius.net
Wed Jul 1 10:13:55 BST 2020
On 25 June 2020 14:02 Andreas Metzler, wrote:
> On 2020-06-22 Gijs Hillenius <gijs at hillenius.net> wrote:
>> Good afternoon Andreas
>
>> Thanks for looking into this. As a result, I've been chasing my own tail
>> to figure out under which conditions I get "spf none" results; because
>> like you say, it does not seem to have anything to do with "-v 1".
> [...]
>
> Hello Gijs,
>
> responding on-list ...
>
> Thanks for doublechecking that -v 1 is not necessary.
>
> For the current Debian exim packages we are using
>
> condition = ${run{/usr/bin/spfquery.mail-spf-perl --ip \
> ${quote:$sender_host_address} --identity \
> ${if def:sender_address_domain \
> {--scope mfrom --identity ${quote:$sender_address}}\
> {--scope helo --identity ${quote:$sender_helo_name}}}}\
> {no}{${if eq {$runrc}{1}{yes}{no}}}}
>
Since I enabled this macro, Exim has refused a handful of
emails. Including an automatic noreply email from the Dutch tax
authorities.
If I run the check on the command line, it works:
pfquery.mail-spf-perl --ip 85.159.100.4 --scope mfrom --identity noreply at belastingdienst.nl --scope helo --identity belastingdienst.nl
pass
They (the tax authorities) are noticing that there are problems with the
helo/ehlo check. In English:
https://www.belastingdienst.nl/wps/wcm/connect/bldcontenten/standaard_functies/individuals/contact/contact_other_subjects/information-for-mail-server-managers
So.. that points me to perhaps another tweak in the Exim configuration
that I did not update:
my conf has
acl_check_mail:
.ifdef CHECK_MAIL_HELO_ISSUED
deny
message = no HELO given before MAIL command
condition = ${if def:sender_helo_name {no}{yes}}
.endif
whereas the exim4.conf.template.dpkg seems to suggest this should now be
require message = nice hosts say HELO first
condition = ${if def:sender_helo_name}
correct?
More information about the Pkg-exim4-users
mailing list