[milters] Archive

Lists Index Date Thread Search

Article: 1131
From: Dave Tanner
Date: 2006-09-06 00:10:16 -0400
Subject: SPF and PTR records

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

This is a multi-part message in MIME format.

------_=_NextPart_001_01C6D16A.5C5CEC9D
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi,

=20

I'm experiencing the following, which I believe to be faulty.  Basically
libsnert's spf is passing any IP address that had a PTR defined where is
there a PTR allow in the rule, even if there is no match in the domain
names.

=20

Please see the following.

=20

/usr/src/com/snert/src/lib/mail/spf -t "spf1 ptr -all" -v 220.233.0.4
snertsoft.com

<snertsoft.com> Pass

=20

Sep  6 13:33:46 xx spf[25086]: enter spfCheck(bfffd950, snertsoft.com,
'spf1 ptr -all') ip=3D220.233.0.4 helo=3Dunknown
mail=3Dpostmaster@snertsoft.com

Sep  6 13:33:46 xx spf[25086]: enter DnsOpen()

Sep  6 13:33:46 xx spf[25086]: DnsInit((null)) rc=3D0

Sep  6 13:33:46 xx spf[25086]: DnsSetTimeout(80545c8, 5000)

Sep  6 13:33:46 xx spf[25086]: DnsSetRounds(80545c8, 4)

Sep  6 13:33:46 xx spf[25086]: exit  DnsOpen() Dns=3D80545c8

Sep  6 13:33:46 xx spf[25086]: domain=3Dsnertsoft.com TXT=3Dspf1 ptr =
-all

Sep  6 13:33:46 xx spf[25086]: enter DnsGet(80545c8, PTR=3D12, 0,
220.233.0.4)

Sep  6 13:33:47 xx spf[25086]: exit  DnsGet(80545c8, PTR=3D12, 0, )
Vector=3D8051f68 rc=3D0 error=3D

Sep  6 13:33:47 xx spf[25086]: enter DnsGet(80545c8, A=3D1, 1,
mx1.exetel.com.au.)

Sep  6 13:33:47 xx spf[25086]: exit  DnsGet(80545c8, A=3D1, 1,
mx1.exetel.com.au.) Vector=3D8054838 rc=3D0 error=3D

Sep  6 13:33:47 xx spf[25086]: matching ptr

Sep  6 13:33:47 xx spf[25086]: DnsClose(80545c8)

Sep  6 13:33:47 xx spf[25086]: exit  spfCheck(bfffd950, snertsoft.com,
'spf1 ptr -all') result=3DPass error=3D

=20

Running

430638  libsnert-1.62.tar.gz

220249 milter-spiff-0.11.tar.gz

=20

Bug? Or am I interpreting some documentation wrong?

=20

Cheers

David Tanner


------_=_NextPart_001_01C6D16A.5C5CEC9D
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns=3D"http://www.w3.org/TR/REC-html40">

<head>
<meta http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 11 (filtered medium)">
<style>
<!--
 /* Font Definitions */
 @font-face
	{font-family:"MS Mincho";
	panose-1:2 2 6 9 4 2 5 8 3 4;}
@font-face
	{font-family:"\@MS Mincho";
	panose-1:2 2 6 9 4 2 5 8 3 4;}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0cm;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman";}
a:link, span.MsoHyperlink
	{color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{color:purple;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:Arial;
	color:windowtext;}
@page Section1
	{size:595.3pt 841.9pt;
	margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.Section1
	{page:Section1;}
-->
</style>

</head>

<body lang=3DEN-AU link=3Dblue vlink=3Dpurple>

<div class=3DSection1>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Hi,<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>I&#8217;m experiencing the following, which I believe =
to be
faulty.&nbsp; Basically libsnert&#8217;s spf is passing any IP address =
that had
a PTR defined where is there a PTR allow in the rule, even if there is =
no match
in the domain names.<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Please see the =
following.<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>/usr/src/com/snert/src/lib/mail/spf -t &quot;spf1 ptr
-all&quot; -v 220.233.0.4
snertsoft.com<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>&lt;snertsoft.com&gt; =
Pass<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:46 xx spf[25086]: enter =
spfCheck(bfffd950,
snertsoft.com, 'spf1 ptr -all') ip=3D220.233.0.4 helo=3Dunknown
mail=3Dpostmaster@snertsoft.com<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:46 xx spf[25086]: enter =
DnsOpen()<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:46 xx spf[25086]: DnsInit((null)) =
rc=3D0<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:46 xx spf[25086]: =
DnsSetTimeout(80545c8,
5000)<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:46 xx spf[25086]: =
DnsSetRounds(80545c8, 4)<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:46 xx spf[25086]: exit&nbsp; =
DnsOpen()
Dns=3D80545c8<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:46 xx spf[25086]: =
domain=3Dsnertsoft.com
TXT=3Dspf1 ptr -all<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:46 xx spf[25086]: enter =
DnsGet(80545c8,
PTR=3D12, 0, 220.233.0.4)<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:47 xx spf[25086]: exit&nbsp;
DnsGet(80545c8, PTR=3D12, 0, ) Vector=3D8051f68 rc=3D0 =
error=3D<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:47 xx spf[25086]: enter =
DnsGet(80545c8,
A=3D1, 1, mx1.exetel.com.au.)<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:47 xx spf[25086]: exit&nbsp;
DnsGet(80545c8, A=3D1, 1, mx1.exetel.com.au.) Vector=3D8054838 rc=3D0 =
error=3D<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:47 xx spf[25086]: matching =
ptr<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:47 xx spf[25086]: =
DnsClose(80545c8)<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Sep&nbsp; 6 13:33:47 xx spf[25086]: exit&nbsp;
spfCheck(bfffd950, snertsoft.com, 'spf1 ptr -all') result=3DPass =
error=3D<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Running<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>430638&nbsp; =
libsnert-1.62.tar.gz<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>220249  =
milter-spiff-0.11.tar.gz<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Bug? Or am I interpreting some documentation =
wrong?<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Cheers<o:p></o:p></span></font></p>

<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>David
Tanner<o:p></o:p></span></font></p>

</div>

</body>

</html>

------_=_NextPart_001_01C6D16A.5C5CEC9D--

Lists Index Date Thread Search