[ctw] Re: interpreting ASSP SPF fail
- From: aklist <aklist_eims@xxxxxxxxxxxxx>
- To: ctw@xxxxxxxxxxxxx
- Date: Sat, 22 Oct 2011 10:27:45 -0700
On 10/22/2011 9:44 AM, TR Shaw wrote:
On Oct 22, 2011, at 12:31 PM, aklist wrote:Hi All: I'm trying to get a handle on why ASSP flagged this message as spam for an SPF failure? The message was sent by a local domain user using their blackberry. I have an SPF record for "localdomain1.com" with the IP address of the ASSP/EIMS server listed. The SPF record uses softfail "~all". Is the SPF fail being caused by the blackberry server, or something to do with the local domain? TIA for any advice! Return-Path:<user1@xxxxxxxxxxxxxxxx> Received: from assp.mydomain.com (127.0.0.1) by mail.mydomain.com with SMTP (EIMS X 3.3.9) for<monitorspam@xxxxxxxxxxxxxxxx>; Fri, 21 Oct 2011 09:18:31 -0700 Received: from smtp10.bis6.us.blackberry.com ([188.8.131.52] helo=smtp10.bis6.us.blackberry.com) by assp.mydomain.com with ESMTP (ASSP 1.9); 21 Oct 2011 09:18:30 -0700 Received: from b27.c30.bise6.blackberry ([192.168.0.127]) by srs.bis6.us.blackberry.com (8.13.7 TEAMON/8.13.7) with ESMTP id p9LGIUNj011172 for<user@xxxxxxxxxxxxxxxx>; Fri, 21 Oct 2011 16:18:30 GMT Received: from 172.29.223.199 (cmp29.c30.bise6.blackberry [172.29.223.199]) by b27.c30.bise6.blackberry (8.13.7 TEAMON/8.13.7) with ESMTP id p9LGIT7M003453 for<user@xxxxxxxxxxxxxxxx>; Fri, 21 Oct 2011 16:18:29 GMT X-rim-org-msg-ref-id: 1251677768 Message-ID:<1251677768-1319213909-cardhu_decombobulator_blackberry.rim.net-1903184366-@xxxxxxxxxxxxxxxxxxxxxxx> Reply-To: user1@xxxxxxxxxxxxxxxx X-Priority: Normal Sensitivity: Normal Importance: Normal Subject: [SPF] Fw: Your Sweet City Candy order To: "Dad"<user@xxxxxxxxxxxxxxxx> From: user1@xxxxxxxxxxxxxxxx Date: Fri, 21 Oct 2011 16:18:28 +0000 Content-Type: multipart/alternative; boundary="part2749-boundary-503454095-1448843816" MIME-Version: 1.0 X-Assp-Version: 184.108.40.206(1.1.00) on assp.mydomain.com X-Assp-Delay: user@xxxxxxxxxxxxxxxx not delayed (auto accepted); 21 Oct 2011 09:18:30 -0700 X-Assp-Score: 5 (SPF softfail) X-Assp-Envelope-From: user1@xxxxxxxxxxxxxxxx X-Assp-ID: assp.mydomain.com 31921-00469 X-Assp-Spam: YES X-Assp-Original-Subject: Fw: Your SCC order X-Spam-Status:YES X-Assp-Spam-Reason: SPF softfail X-Assp-Message-Totalscore: 5 X-Assp-Intended-For: user@xxxxxxxxxxxxxxxx X-Assp-Copy-Spam: YesLooks like a backberry issue but you would have to look at their SPF record. However, check what you are doing on SPF handling as normally a softfail will just accumulate score and the score is too low to call it spam.
Thanks Tom, I have SPF set to "score", and no fallback/override domains configured.
The "strict processing" is set to: @firstname.lastname@example.orgemail@example.comfirstname.lastname@example.orgemail@example.comfirstname.lastname@example.orgemail@example.comfirstname.lastname@example.orgemail@example.comfirstname.lastname@example.orgemail@example.com|rr.com|veritate.com "Strict Blocking" set to: @firstname.lastname@example.org Under that, I have "strict spf blocking for local domains" checked. "Alias domain" is set to my local domain. Everything else is unchecked. Circle The Wagonsmanage: http://www.freelists.org/list/ctw post: mailto:ctw@xxxxxxxxxxxxx
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe search: http://www.freelists.org/archives/ctw faq: http://www.freelists.org/wiki/the_faq