[opendmarc-users] SPF checks passing when they shouldn't?
Karl Pielorz
kpielorz_lst at tdx.co.uk
Wed Aug 12 12:40:12 PDT 2015
Hi,
I'm new to OpenDMARC - I've installed opendmarc-1.3.1 - and I've run into
issues with SPF checking.
I've set OpenDMARC to not trust previously added SPF results, and to do the
tests itself, i.e. in the config file:
"
SPFIgnoreResults true
SPFSelfValidate true
"
I did find the following issue:
<http://sourceforge.net/p/opendmarc/tickets/120/>
I've patched for that now (previously I'd noticed a lot of 'spf=pass' when
it shouldn't) - but I'm still seeing SPF issues, e.g.
"
Received: from 46.130.47.36 (36.47.130.46.in-addr.mts.am [46.130.47.36]
(may be forged))
by myserver.com (8.14.9/8.14.9) with SMTP id t4BHt3Sa053715
for <my-address at somewhere.com>; Tue, 11 Aug 2015 18:52:08 +0100 (BST)
Authentication-Results: myserver.com; dmarc=none header.from=apple.co.uk
Authentication-Results: myserver.com; spf=pass
smtp.mailfrom=accountsuspended at apple.co.uk
Authentication-Results: myserver.com; dkim=none
reason="no signature"; dkim-adsp=none (unprotected policy)
From: "Apple security UK" <accountsuspended at apple.co.uk>
"
That shows "spf=pass". Admittedly there is *no* TXT SPF record for
'apple.co.uk' (that I can see) - but shouldn't it show as something other
than 'pass'? e.g. 'spf=none' or something?
Cheers,
-Karl
More information about the opendmarc-users
mailing list