You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Dan Barker <db...@visioncomm.net> on 2004/10/18 21:40:59 UTC
How to get SPF to work in Windoze (SA 3.0.0)
I've just installed SpamAssassin 3.0.0 under Windoze. It appears to be
working as documented. However, I'm uncertain what I've done to make SPF
checking not function. Network stuff appears OK because:
a) it takes a while to run (ca. 5 seconds) and
b) Blacklists work (I see headers like: X-Spam-Status: No, score=4.4
required=5.0
tests=ADDRESS_IN_SUBJECT,DNS_FROM_AHBL_RHSBL,HTML_MESSAGE,MIME_HTML_ONLY,NOR
MAL_HTTP_TO_IP,RCVD_IN_SBL,URIBL_SBL autolearn=no version=3.0.0)
All .cf files are untouched since the install program did whatever it did to
them (most notably putting postmaster@visioncomm.net in the Report text -
Cool!).
Setup, vanilla.
ActivePerl: This is perl, v5.8.4 built for MSWin32-x86-multi-thread.
SpamAssassin: SpamAssassin version 3.0.0 | running on Perl version 5.8.4
Box: Windoze 2K Server, SP4. Running IMail 8.13, Spamassassin and M$ DNS.
No other duties.
Running the ActivePerl version with the -D switch on the IMail D...SMD file
shows:
debug: config: read file C:\Perl\site/share/spamassassin/25_spf.cf
... 16 lines hidden
debug: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC
debug: plugin: registered Mail::SpamAssassin::Plugin::SPF=HASH(0x2950f4c)
... 60 lines hidden
debug: registering glue method for check_for_spf_helo_pass
(Mail::SpamAssassin::Plugin::SPF=HASH(0x2950f4c))
debug: SPF: checking HELO (helo=acshub02.cancer.org, ip=12.168.24.151)
debug: SPF: trimmed HELO down to 'cancer.org'
>>>>>> debug: SPF: cannot load or create Mail::SPF::Query module <<<<<
What's this [db]
... 4 lines hidden
debug: registering glue method for check_for_spf_softfail
(Mail::SpamAssassin::Plugin::SPF=HASH(0x2950f4c))
>>>>>> debug: SPF: cannot get Envelope-From, cannot use SPF <<<<<
What's this [db]
debug: registering glue method for check_for_spf_pass
(Mail::SpamAssassin::Plugin::SPF=HASH(0x2950f4c))
debug: registering glue method for check_for_spf_helo_softfail
(Mail::SpamAssassin::Plugin::SPF=HASH(0x2950f4c))
debug: registering glue method for check_for_spf_helo_fail
(Mail::SpamAssassin::Plugin::SPF=HASH(0x2950f4c))
Inbound email headers (pbarker DOES NOT work at cancer.org - visioncomm.com
DOES publish v=spf1 +mx -all):
Received: from acshub02.cancer.org [12.168.24.151] by visioncomm.net with
ESMTP
(SMTPD32-8.13) id AF9C1B005E; Mon, 18 Oct 2004 10:13:48 -0400
Received: from Dan Barker ([10.110.23.50])
by acshub02.cancer.org (Lotus Domino Release 6.5.1)
with SMTP id 2004101810133993-253022 ;
Mon, 18 Oct 2004 10:13:39 -0400
From: Pam Barker<pb...@visioncomm.com>
To: dbarker@visioncomm.net
CC:
Subject: Test message
X-Mailer: NetMasters SMTP Demo
Mime-Version: 1.0
X-MIMETrack: Itemize by SMTP Server on ACSHUB02/ACS/US(Release 6.5.1|January
21, 2004) at
10/18/2004 10:13:40 AM,
Serialize by Router on ACSHUB02/ACS/US(Release 6.5.1|January 21, 2004) at
10/18/2004 10:13:41 AM,
Serialize complete at 10/18/2004 10:13:41 AM
Date: Mon, 18 Oct 2004 10:13:40 -0400
Message-ID: <OF...@cancer.org>
Content-Type: text/plain; charset=us-ascii
X-Spam-Checker-Version: SpamAssassin 3.0.0 (2004-09-13) on
mail.visioncomm.net
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham
version=3.0.0
X-RCPT-TO: <db...@visioncomm.net>
Status: U
X-UIDL: 397683681
Note: Notes won't accept email without a HELO. I used "Dan Barker". That's
why my name is in the headers. The messages should get an SPFFail because
visioncomm.com doesn't deliver via acshub02.cancer.org.
I can do a tcpdump on this, but I bet I'd not see a thing. It's most likely
a trivial configuration boo-boo (like the wrong Perl?).
tia,
Dan Barker
RE: How to get SPF to work in Windoze (SA 3.0.0)
Posted by Bret Miller <br...@wcg.org>.
> I've just installed SpamAssassin 3.0.0 under Windoze. It appears to be
> working as documented. However, I'm uncertain what I've done
> to make SPF
> checking not function. Network stuff appears OK because:
> a) it takes a while to run (ca. 5 seconds) and
> b) Blacklists work (I see headers like: X-Spam-Status: No, score=4.4
> required=5.0
> tests=ADDRESS_IN_SUBJECT,DNS_FROM_AHBL_RHSBL,HTML_MESSAGE,MIME
> _HTML_ONLY,NOR
> MAL_HTTP_TO_IP,RCVD_IN_SBL,URIBL_SBL autolearn=no version=3.0.0)
>
> All .cf files are untouched since the install program did
> whatever it did to
> them (most notably putting postmaster@visioncomm.net in the
> Report text -> Cool!).
>
> Setup, vanilla.
> ActivePerl: This is perl, v5.8.4 built for MSWin32-x86-multi-thread.
> SpamAssassin: SpamAssassin version 3.0.0 | running on Perl
> version 5.8.4
> Box: Windoze 2K Server, SP4. Running IMail 8.13,
> Spamassassin and M$ DNS.
> No other duties.
>
> Running the ActivePerl version with the -D switch on the
> IMail D...SMD file
> shows:
>
> debug: config: read file C:\Perl\site/share/spamassassin/25_spf.cf
> ... 16 lines hidden
> debug: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC
> debug: plugin: registered
> Mail::SpamAssassin::Plugin::SPF=HASH(0x2950f4c)
> ... 60 lines hidden
> debug: registering glue method for check_for_spf_helo_pass
> (Mail::SpamAssassin::Plugin::SPF=HASH(0x2950f4c))
> debug: SPF: checking HELO (helo=acshub02.cancer.org, ip=12.168.24.151)
> debug: SPF: trimmed HELO down to 'cancer.org'
> >>>>>> debug: SPF: cannot load or create Mail::SPF::Query
> module <<<<<
> What's this [db]
1. You need to "ppm install Mail-SPF-Query".
> ... 4 lines hidden
> debug: registering glue method for check_for_spf_softfail
> (Mail::SpamAssassin::Plugin::SPF=HASH(0x2950f4c))
> >>>>>> debug: SPF: cannot get Envelope-From, cannot use SPF
> <<<<<
> What's this [db]
2. IMail apparently does not add a "Return-path:" header to indicate who
the sender was in the SMTP protocol. This is abosolutely necessary in
order to check SPF.
> debug: registering glue method for check_for_spf_pass
> (Mail::SpamAssassin::Plugin::SPF=HASH(0x2950f4c))
> debug: registering glue method for check_for_spf_helo_softfail
> (Mail::SpamAssassin::Plugin::SPF=HASH(0x2950f4c))
> debug: registering glue method for check_for_spf_helo_fail
> (Mail::SpamAssassin::Plugin::SPF=HASH(0x2950f4c))
>
> Inbound email headers (pbarker DOES NOT work at cancer.org -
> visioncomm.com
> DOES publish v=spf1 +mx -all):
>
> Received: from acshub02.cancer.org [12.168.24.151] by
> visioncomm.net with
> ESMTP
> (SMTPD32-8.13) id AF9C1B005E; Mon, 18 Oct 2004 10:13:48 -0400
> Received: from Dan Barker ([10.110.23.50])
> by acshub02.cancer.org (Lotus Domino Release 6.5.1)
> with SMTP id 2004101810133993-253022 ;
> Mon, 18 Oct 2004 10:13:39 -0400
> From: Pam Barker<pb...@visioncomm.com>
> To: dbarker@visioncomm.net
> CC:
> Subject: Test message
> X-Mailer: NetMasters SMTP Demo
> Mime-Version: 1.0
> X-MIMETrack: Itemize by SMTP Server on
> ACSHUB02/ACS/US(Release 6.5.1|January
> 21, 2004) at
> 10/18/2004 10:13:40 AM,
> Serialize by Router on ACSHUB02/ACS/US(Release
> 6.5.1|January 21, 2004) at
> 10/18/2004 10:13:41 AM,
> Serialize complete at 10/18/2004 10:13:41 AM
> Date: Mon, 18 Oct 2004 10:13:40 -0400
> Message-ID: <OF...@cancer.org>
> Content-Type: text/plain; charset=us-ascii
> X-Spam-Checker-Version: SpamAssassin 3.0.0 (2004-09-13) on
> mail.visioncomm.net
> X-Spam-Level:
> X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham
> version=3.0.0
> X-RCPT-TO: <db...@visioncomm.net>
> Status: U
> X-UIDL: 397683681
>
> Note: Notes won't accept email without a HELO. I used "Dan
> Barker". That's
> why my name is in the headers. The messages should get an
> SPFFail because
> visioncomm.com doesn't deliver via acshub02.cancer.org.
>
> I can do a tcpdump on this, but I bet I'd not see a thing.
> It's most likely
> a trivial configuration boo-boo (like the wrong Perl?).
Your perl version is fine and works perfectly well here with CommuniGate
Pro. The two issues noted above are what it's gonna take to make SPF
work.
SPF checks the MAIL FROM in the SMTP protocol against the sending
server. In order for that check to happen, your MTA must add both in its
headers, and you have to have the perl module to do the SPF check.
Bret