Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

The world is no nursery. -- Sigmund Freud


computers / comp.mail.pine / Re: SPF failure messages

SubjectAuthor
* SPF failure messagesAdam H. Kerman
+- Re: SPF failure messagesJ.O. Aho
+* Re: SPF failure messagesJohn Levine
|`* Re: SPF failure messagesAdam H. Kerman
| `* Re: SPF failure messagesCarlos E.R.
|  `* Re: SPF failure messagesAdam H. Kerman
|   +* Re: SPF failure messagesCarlos E.R.
|   |`* Re: SPF failure messagesAdam H. Kerman
|   | `* Re: SPF failure messagesCarlos E.R.
|   |  `* Re: SPF failure messagesAdam H. Kerman
|   |   +* Re: SPF failure messagesJohn Levine
|   |   |`* Re: SPF failure messagesAdam H. Kerman
|   |   | `* Re: SPF failure messagesJohn Levine
|   |   |  `- Re: SPF failure messagesAdam H. Kerman
|   |   `* Re: SPF failure messagesCarlos E.R.
|   |    `* Re: SPF failure messagesJ.O. Aho
|   |     +- Re: SPF failure messagesCarlos E.R.
|   |     `* Re: SPF failure messagesAdam H. Kerman
|   |      +* Re: SPF failure messagesCarlos E.R.
|   |      |`* Re: SPF failure messagesAdam H. Kerman
|   |      | +* Re: SPF failure messagesCarlos E.R.
|   |      | |`* Re: SPF failure messagesAdam H. Kerman
|   |      | | `- Re: SPF failure messagesCarlos E.R.
|   |      | `- Re: SPF failure messagesJ.O. Aho
|   |      `* Re: SPF failure messagesJ.O. Aho
|   |       `* Re: SPF failure messagesAdam H. Kerman
|   |        `- Re: SPF failure messagesJ.O. Aho
|   `* Re: SPF failure messagesJ.O. Aho
|    `* Re: SPF failure messagesAdam H. Kerman
|     `* Re: SPF failure messagesJ.O. Aho
|      `* Re: SPF failure messagesAdam H. Kerman
|       `* Re: SPF failure messagesJ.O. Aho
|        `- Re: SPF failure messagesAdam H. Kerman
`* Re: SPF failure messagesHenning Hucke
 `* Re: SPF failure messagesAdam H. Kerman
  `* Re: SPF failure messagesHenning Hucke
   +* Re: SPF failure messagesCarlos E.R.
   |+* Re: SPF failure messagesJ.O. Aho
   ||`- Re: SPF failure messagesCarlos E.R.
   |`- Re: SPF failure messagesAdam H. Kerman
   `- Re: SPF failure messagesAdam H. Kerman

Pages:12
SPF failure messages

<tr1gi7$1rs5v$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=485&group=comp.mail.pine#485

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: ahk...@chinet.com (Adam H. Kerman)
Newsgroups: comp.mail.pine
Subject: SPF failure messages
Date: Fri, 27 Jan 2023 21:43:35 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 25
Message-ID: <tr1gi7$1rs5v$1@dont-email.me>
Injection-Date: Fri, 27 Jan 2023 21:43:35 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="cfb94c801b739a15ab98055620e0dd03";
logging-data="1962175"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18rN2be1MUWuwO8F/CqH2ShdMGg65WWpC0="
Cancel-Lock: sha1:rOZRFvIwTLQVm3j4mlcWk7HYdec=
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
 by: Adam H. Kerman - Fri, 27 Jan 2023 21:43 UTC

This isn't an alpine issue, but perhaps Eduardo might provide some
expert guidance.

For business purposes, I send email through a variety of domains, each
specific to a business. I have set up IMAP and roles within alpine to
facilitate this.

I don't control all the zone files related to domains I send through.
One domain gives me particular grief with respect to Mail servers
enforcing SPF.

Well, SPF isn't set up the way we use it and the host I use alpine
on is affected by the -all restriction. I have no idea how it was set up
but I suspect the same highly-restrictive policy was added to every
domain at this registrar. It also affects emails sent by the guy who
does have access to the zone file.

I'm stuck because he's not interested in learning about SPF.

I have to use the (barf) Web interface to send messages.

I wonder: Am I receiving all SPF failure messages? Does the recipient
refusing the connection per our own SPF policies take the position that
I'm a forger and there's no way to reach the forger to point out the SPF
restriction, and not send the failure notice?

Re: SPF failure messages

<k3j33vFsla3U1@mid.individual.net>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=486&group=comp.mail.pine#486

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: use...@example.net (J.O. Aho)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Fri, 27 Jan 2023 23:55:59 +0100
Lines: 41
Message-ID: <k3j33vFsla3U1@mid.individual.net>
References: <tr1gi7$1rs5v$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net woJsoCnqRoqdxw59hwaQag2pG4AoyhLdtkuEW6PN1mhPJZYaW3
Cancel-Lock: sha1:UgK4pKqTxRk2LM3KXBbV0w+UOOE=
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.6.1
Content-Language: en-US-large
In-Reply-To: <tr1gi7$1rs5v$1@dont-email.me>
 by: J.O. Aho - Fri, 27 Jan 2023 22:55 UTC

On 27/01/2023 22:43, Adam H. Kerman wrote:

> I'm stuck because he's not interested in learning about SPF.

Not much to learn there IMHO
https://dmarcian.com/spf-syntax-table/

I guess you can do a "dig -t TXT" for the domain and then add what you
need to have added there and then suggest the new SPF record to your
zone admin.

> I have to use the (barf) Web interface to send messages.

Usually the mail provider do provide smtp and the outgoing mail from the
web interface will be relayed to that smtp server or else the same
machine is included in the SPF record.

> I wonder: Am I receiving all SPF failure messages?

Not all sends, but say google does send a report once a day to the rua
(you also have ruf, but never used that one) mentioned in the DMARC record.

> Does the recipient
> refusing the connection per our own SPF policies take the position that
> I'm a forger and there's no way to reach the forger to point out the SPF
> restriction, and not send the failure notice?

SPF record together with DMARC record are guidelines for the receiving
mail server, for example I use -all on my SPF and p=reject on my DMARC,
but in the end it's not me who decide how the receiving server handles
things, that is a discussion with the administrator of that system.

--
//Aho

Re: SPF failure messages

<tr25ll$10f9$1@gal.iecc.com>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=487&group=comp.mail.pine#487

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!news.iecc.com!.POSTED.news.iecc.com!not-for-mail
From: joh...@taugh.com (John Levine)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sat, 28 Jan 2023 03:43:49 -0000 (UTC)
Organization: Taughannock Networks
Message-ID: <tr25ll$10f9$1@gal.iecc.com>
References: <tr1gi7$1rs5v$1@dont-email.me>
Injection-Date: Sat, 28 Jan 2023 03:43:49 -0000 (UTC)
Injection-Info: gal.iecc.com; posting-host="news.iecc.com:2001:470:1f07:1126:0:676f:7373:6970";
logging-data="33257"; mail-complaints-to="abuse@iecc.com"
In-Reply-To: <tr1gi7$1rs5v$1@dont-email.me>
Cleverness: some
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: johnl@iecc.com (John Levine)
 by: John Levine - Sat, 28 Jan 2023 03:43 UTC

It appears that Adam H. Kerman <ahk@chinet.com> said:
>I wonder: Am I receiving all SPF failure messages?

What do you mean by SPF failure messages? SPF is an authentication
scheme, it doesn't send anything. If you mean do all of the SMTP
rejections say "we hate your SPF", nope. Also keep in mind that few
non-hobbyist mail systems reject solely because of SPF failure.

Or do you mean DMARC, where failures do cause a lot of mail rejections?

R's,
John
--
Regards,
John Levine, johnl@taugh.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly

Re: SPF failure messages

<tr28ot$22s45$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=488&group=comp.mail.pine#488

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: ahk...@chinet.com (Adam H. Kerman)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sat, 28 Jan 2023 04:36:45 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 26
Message-ID: <tr28ot$22s45$1@dont-email.me>
References: <tr1gi7$1rs5v$1@dont-email.me> <tr25ll$10f9$1@gal.iecc.com>
Injection-Date: Sat, 28 Jan 2023 04:36:45 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="e23757c86b097709cac4e6f15575c4ff";
logging-data="2191493"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19giRAm6pBB/BvtVbD4UgLXLBIHZxVlpKw="
Cancel-Lock: sha1:pB6tGzkAo1x+FDHXgEJZH2pWzpA=
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
 by: Adam H. Kerman - Sat, 28 Jan 2023 04:36 UTC

John Levine <johnl@taugh.com> wrote:
>It appears that Adam H. Kerman <ahk@chinet.com> said:

>>I wonder: Am I receiving all SPF failure messages?

>What do you mean by SPF failure messages? SPF is an authentication
>scheme, it doesn't send anything. If you mean do all of the SMTP
>rejections say "we hate your SPF", nope. Also keep in mind that few
>non-hobbyist mail systems reject solely because of SPF failure.

Perhaps if you'd read the rest of what I'd written, or even the entire
paragraph, instead of just the one sentence, the meaning would have been
entirely clear to you from context.

The domain has an SPF policy. I don't have a shell account on the host
of that domain. I do have various email addresses. Using alpine from my
own host, I am in violation of the SPF policy. If the network receiving
email enforces the domain's SPF policy, it won't receive my messages.

If I'm being treated like a forger, I'm questioning whether the site
necessarily sends a notice stating that the message was rejected, given
that it's going to assume ENVELOPE-FROM was forged.

>Or do you mean DMARC, where failures do cause a lot of mail rejections?

I don't require a translator, John.

Re: SPF failure messages

<06kfajxqvs.ln2@Telcontar.valinor>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=489&group=comp.mail.pine#489

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: robin_li...@es.invalid (Carlos E.R.)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sat, 28 Jan 2023 14:22:40 +0100
Lines: 37
Message-ID: <06kfajxqvs.ln2@Telcontar.valinor>
References: <tr1gi7$1rs5v$1@dont-email.me> <tr25ll$10f9$1@gal.iecc.com>
<tr28ot$22s45$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net gjcQAJVFQGSqH70B2uwqwQacxvizYFxci2pB2Cnq7tOPKIwwy3
X-Orig-Path: Telcontar.valinor!not-for-mail
Cancel-Lock: sha1:0qh6G20aAC+S+1aQVY8hyEQW4ks=
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.6.1
Content-Language: es-ES, en-CA
In-Reply-To: <tr28ot$22s45$1@dont-email.me>
 by: Carlos E.R. - Sat, 28 Jan 2023 13:22 UTC

On 2023-01-28 05:36, Adam H. Kerman wrote:
> John Levine <johnl@taugh.com> wrote:
>> It appears that Adam H. Kerman <ahk@chinet.com> said:
>
>>> I wonder: Am I receiving all SPF failure messages?
>
>> What do you mean by SPF failure messages? SPF is an authentication
>> scheme, it doesn't send anything. If you mean do all of the SMTP
>> rejections say "we hate your SPF", nope. Also keep in mind that few
>> non-hobbyist mail systems reject solely because of SPF failure.
>
> Perhaps if you'd read the rest of what I'd written, or even the entire
> paragraph, instead of just the one sentence, the meaning would have been
> entirely clear to you from context.
>
> The domain has an SPF policy. I don't have a shell account on the host
> of that domain. I do have various email addresses. Using alpine from my
> own host, I am in violation of the SPF policy. If the network receiving
> email enforces the domain's SPF policy, it won't receive my messages.

Well, you have to use the smtp server that is authorized to send email
for the domain, not yours.

>
> If I'm being treated like a forger, I'm questioning whether the site
> necessarily sends a notice stating that the message was rejected, given
> that it's going to assume ENVELOPE-FROM was forged.

If by message you mean an email, no. The smtp server will reply with a
more or less helpful "text", that the smtp server that is talking on
your behalf will log in the mail log file. It is up to the sending smtp
server to send you a rejection email, or not.

--
Cheers, Carlos.

Re: SPF failure messages

<tr3i6d$29n3o$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=490&group=comp.mail.pine#490

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: ahk...@chinet.com (Adam H. Kerman)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sat, 28 Jan 2023 16:23:41 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 55
Message-ID: <tr3i6d$29n3o$1@dont-email.me>
References: <tr1gi7$1rs5v$1@dont-email.me> <tr25ll$10f9$1@gal.iecc.com> <tr28ot$22s45$1@dont-email.me> <06kfajxqvs.ln2@Telcontar.valinor>
Injection-Date: Sat, 28 Jan 2023 16:23:41 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="e23757c86b097709cac4e6f15575c4ff";
logging-data="2415736"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/OXbp7+6RlwUYN/Vt303BWB5S6cWuRmIo="
Cancel-Lock: sha1:5o3v12fAHQB6kySCy6MTacTOIFA=
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
 by: Adam H. Kerman - Sat, 28 Jan 2023 16:23 UTC

Carlos E.R. <robin_listas@es.invalid> wrote:
>On 2023-01-28 05:36, Adam H. Kerman wrote:
>>John Levine <johnl@taugh.com> wrote:
>>>It appears that Adam H. Kerman <ahk@chinet.com> said:

>>>>I wonder: Am I receiving all SPF failure messages?

>>>What do you mean by SPF failure messages? SPF is an authentication
>>>scheme, it doesn't send anything. If you mean do all of the SMTP
>>>rejections say "we hate your SPF", nope. Also keep in mind that few
>>>non-hobbyist mail systems reject solely because of SPF failure.

>>Perhaps if you'd read the rest of what I'd written, or even the entire
>>paragraph, instead of just the one sentence, the meaning would have been
>>entirely clear to you from context.

>>The domain has an SPF policy. I don't have a shell account on the host
>>of that domain. I do have various email addresses. Using alpine from my
>>own host, I am in violation of the SPF policy. If the network receiving
>>email enforces the domain's SPF policy, it won't receive my messages.

>Well, you have to use the smtp server that is authorized to send email
>for the domain, not yours.

This is irrelevant to the issue that I have raised. In fact, if you had
read the root article, I stated that I use roles, which is where SMTP is
set up.
>>If I'm being treated like a forger, I'm questioning whether the site
>>necessarily sends a notice stating that the message was rejected, given
>>that it's going to assume ENVELOPE-FROM was forged.

>If by message you mean an email, no.

Oh my gawd

What is it with inability to glean meaning from context? Yes, I've been
discussing email messages all along. That's what we discuss in this newsgroup.

>The smtp server will reply with a
>more or less helpful "text", that the smtp server that is talking on
>your behalf will log in the mail log file. It is up to the sending smtp
>server to send you a rejection email, or not.

Asking about common practice of sending such a message was the entire
point of this thread!

If the message is rejected, then I'm being treated like a forging
spammer per SPF policy. The receiving site would assume ENVELOPE-FROM
was forged, and for that reason, there's no reason to send any failure
notice to that address.

I don't have access to log files. I've already stated that I don't have
access to the DNS zone file, otherwise I'd fix SPF to reflect how we
actually send messages.

Re: SPF failure messages

<dj8gajxbic.ln2@Telcontar.valinor>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=491&group=comp.mail.pine#491

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: robin_li...@es.invalid (Carlos E.R.)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sat, 28 Jan 2023 20:11:09 +0100
Lines: 70
Message-ID: <dj8gajxbic.ln2@Telcontar.valinor>
References: <tr1gi7$1rs5v$1@dont-email.me> <tr25ll$10f9$1@gal.iecc.com>
<tr28ot$22s45$1@dont-email.me> <06kfajxqvs.ln2@Telcontar.valinor>
<tr3i6d$29n3o$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net hGc+sJGEXC3blhcvycEWAwdkD+a/7i+aeup+M+upccWhyfWzeT
X-Orig-Path: Telcontar.valinor!not-for-mail
Cancel-Lock: sha1:orn7ENSnfp/flzhYT9/WwkhRrWE=
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.6.1
Content-Language: es-ES, en-CA
In-Reply-To: <tr3i6d$29n3o$1@dont-email.me>
 by: Carlos E.R. - Sat, 28 Jan 2023 19:11 UTC

On 2023-01-28 17:23, Adam H. Kerman wrote:
> Carlos E.R. <robin_listas@es.invalid> wrote:
>> On 2023-01-28 05:36, Adam H. Kerman wrote:
>>> John Levine <johnl@taugh.com> wrote:
>>>> It appears that Adam H. Kerman <ahk@chinet.com> said:
>
>>>>> I wonder: Am I receiving all SPF failure messages?
>
>>>> What do you mean by SPF failure messages? SPF is an authentication
>>>> scheme, it doesn't send anything. If you mean do all of the SMTP
>>>> rejections say "we hate your SPF", nope. Also keep in mind that few
>>>> non-hobbyist mail systems reject solely because of SPF failure.
>
>>> Perhaps if you'd read the rest of what I'd written, or even the entire
>>> paragraph, instead of just the one sentence, the meaning would have been
>>> entirely clear to you from context.
>
>>> The domain has an SPF policy. I don't have a shell account on the host
>>> of that domain. I do have various email addresses. Using alpine from my
>>> own host, I am in violation of the SPF policy. If the network receiving
>>> email enforces the domain's SPF policy, it won't receive my messages.
>
>> Well, you have to use the smtp server that is authorized to send email
>> for the domain, not yours.
>
> This is irrelevant to the issue that I have raised. In fact, if you had
> read the root article, I stated that I use roles, which is where SMTP is
> set up.

I know you are using roles.

>
>>> If I'm being treated like a forger, I'm questioning whether the site
>>> necessarily sends a notice stating that the message was rejected, given
>>> that it's going to assume ENVELOPE-FROM was forged.
>
>> If by message you mean an email, no.
>
> Oh my gawd
>
> What is it with inability to glean meaning from context? Yes, I've been
> discussing email messages all along. That's what we discuss in this newsgroup.
>
>> The smtp server will reply with a
>> more or less helpful "text", that the smtp server that is talking on
>> your behalf will log in the mail log file. It is up to the sending smtp
>> server to send you a rejection email, or not.
>
> Asking about common practice of sending such a message was the entire
> point of this thread!
>
> If the message is rejected, then I'm being treated like a forging
> spammer per SPF policy. The receiving site would assume ENVELOPE-FROM
> was forged, and for that reason, there's no reason to send any failure
> notice to that address.
>
> I don't have access to log files. I've already stated that I don't have
> access to the DNS zone file, otherwise I'd fix SPF to reflect how we
> actually send messages.

And I am telling you that the SMTP server that refuses your email will
NEVER send you an email with the refusal reason. That is not how it works.

It is your own smtp server (usually at your provider or at your domain)
who is responsible to send you an email with the rejection.

--
Cheers, Carlos.

Re: SPF failure messages

<tr3unt$2c2rs$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=492&group=comp.mail.pine#492

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: ahk...@chinet.com (Adam H. Kerman)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sat, 28 Jan 2023 19:57:49 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 90
Message-ID: <tr3unt$2c2rs$1@dont-email.me>
References: <tr1gi7$1rs5v$1@dont-email.me> <06kfajxqvs.ln2@Telcontar.valinor> <tr3i6d$29n3o$1@dont-email.me> <dj8gajxbic.ln2@Telcontar.valinor>
Injection-Date: Sat, 28 Jan 2023 19:57:49 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="e23757c86b097709cac4e6f15575c4ff";
logging-data="2493308"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/7pvtpc9NjIHcbew/zy21WJgJRBqCcEv4="
Cancel-Lock: sha1:AWDtA2UGjOls//lYUGzU8qejUj4=
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
 by: Adam H. Kerman - Sat, 28 Jan 2023 19:57 UTC

Carlos E.R. <robin_listas@es.invalid> wrote:
>On 2023-01-28 17:23, Adam H. Kerman wrote:
>>Carlos E.R. <robin_listas@es.invalid> wrote:
>>>On 2023-01-28 05:36, Adam H. Kerman wrote:
>>>>John Levine <johnl@taugh.com> wrote:
>>>>>It appears that Adam H. Kerman <ahk@chinet.com> said:

>>>>>>I wonder: Am I receiving all SPF failure messages?

>>>>>What do you mean by SPF failure messages? SPF is an authentication
>>>>>scheme, it doesn't send anything. If you mean do all of the SMTP
>>>>>rejections say "we hate your SPF", nope. Also keep in mind that few
>>>>>non-hobbyist mail systems reject solely because of SPF failure.

>>>>Perhaps if you'd read the rest of what I'd written, or even the entire
>>>>paragraph, instead of just the one sentence, the meaning would have been
>>>>entirely clear to you from context.

>>>>The domain has an SPF policy. I don't have a shell account on the host
>>>>of that domain. I do have various email addresses. Using alpine from my
>>>>own host, I am in violation of the SPF policy. If the network receiving
>>>>email enforces the domain's SPF policy, it won't receive my messages.

>>>Well, you have to use the smtp server that is authorized to send email
>>>for the domain, not yours.

>>This is irrelevant to the issue that I have raised. In fact, if you had
>>read the root article, I stated that I use roles, which is where SMTP is
>>set up.

>I know you are using roles.

Then what could have possibly been the point of the comment that I have
to use the SMTP server authorized to send email for that domain given that
the user creates a role to tell alpine which SMTP server is authorized to
send email for that domain?

That's irrelevant to the SPF policy.

I have a shell account on host1.example.net. I use alpine from the
shell. I send messages from user1@example.com. In a role, when I am
sending messages from user1@example.com, alpine is instructed to use the
SMTP server smtp.example.com, the SMTP server that's authorized to send
mail for the domain example.com.

The SPF policy violation is that my email client is on a host that is
in an unlisted foreign network.

>>>>If I'm being treated like a forger, I'm questioning whether the site
>>>>necessarily sends a notice stating that the message was rejected, given
>>>>that it's going to assume ENVELOPE-FROM was forged.

>>>If by message you mean an email, no.

>>Oh my gawd

>>What is it with inability to glean meaning from context? Yes, I've
>>been discussing email messages all along. That's what we discuss in
>>this newsgroup.

>>>The smtp server will reply with a more or less helpful "text", that
>>>the smtp server that is talking on your behalf will log in the mail
>>>log file. It is up to the sending smtp server to send you a rejection
>>>email, or not.

>>Asking about common practice of sending such a message was the entire
>>point of this thread!

>>If the message is rejected, then I'm being treated like a forging
>>spammer per SPF policy. The receiving site would assume ENVELOPE-FROM
>>was forged, and for that reason, there's no reason to send any failure
>>notice to that address.

>>I don't have access to log files. I've already stated that I don't have
>>access to the DNS zone file, otherwise I'd fix SPF to reflect how we
>>actually send messages.

>And I am telling you that the SMTP server that refuses your email will
>NEVER send you an email with the refusal reason. That is not how it works.

>It is your own smtp server (usually at your provider or at your domain)
>who is responsible to send you an email with the rejection.

Ok. Thank you. That was helpful. Reviewing the failure notices, none of
them came from the domain that refused the connection. None of them came
from the SMTP server for the domain in question. Instead they came from
the mail server in my own network.

So that truly suggests I'm not missing any failure notices, which is
what I needed to know.

Re: SPF failure messages

<k3ld59F6vd0U1@mid.individual.net>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=493&group=comp.mail.pine#493

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: use...@example.net (J.O. Aho)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sat, 28 Jan 2023 20:59:37 +0100
Lines: 26
Message-ID: <k3ld59F6vd0U1@mid.individual.net>
References: <tr1gi7$1rs5v$1@dont-email.me> <tr25ll$10f9$1@gal.iecc.com>
<tr28ot$22s45$1@dont-email.me> <06kfajxqvs.ln2@Telcontar.valinor>
<tr3i6d$29n3o$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net jvIlI6Lv+ow2jLO5pVG9sgO9FGJZPo5inR5MQeICk0ULDkhqQO
Cancel-Lock: sha1:u/txwZsc9FUAJWmY2jkD2EOgb5w=
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.6.1
Content-Language: en-US-large
In-Reply-To: <tr3i6d$29n3o$1@dont-email.me>
 by: J.O. Aho - Sat, 28 Jan 2023 19:59 UTC

On 28/01/2023 17:23, Adam H. Kerman wrote:

> If the message is rejected, then I'm being treated like a forging
> spammer per SPF policy. The receiving site would assume ENVELOPE-FROM
> was forged, and for that reason, there's no reason to send any failure
> notice to that address.

It's not the receiving end that send you the mail notifications, it's
the sending end that does that.

> I don't have access to log files. I've already stated that I don't have
> access to the DNS zone file, otherwise I'd fix SPF to reflect how we
> actually send messages.

It's a big difference between zone files and a servers log files, there
are many server administrators who don't have access to the zone file.

I do suggest you use the smtp server that the SPF record defines as the
one allowed, if you do not have access to use it, then ask if it would
be possible get an account that can send from that smtp server.
You will need to have different outgoing smtp for each domain.

--

//Aho

Re: SPF failure messages

<tr3vkk$2c5ac$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=494&group=comp.mail.pine#494

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: ahk...@chinet.com (Adam H. Kerman)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sat, 28 Jan 2023 20:13:08 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 17
Message-ID: <tr3vkk$2c5ac$1@dont-email.me>
References: <tr1gi7$1rs5v$1@dont-email.me> <06kfajxqvs.ln2@Telcontar.valinor> <tr3i6d$29n3o$1@dont-email.me> <k3ld59F6vd0U1@mid.individual.net>
Injection-Date: Sat, 28 Jan 2023 20:13:08 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="e23757c86b097709cac4e6f15575c4ff";
logging-data="2495820"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19Yqg54/l9wRhRpMQm3RlnG8a3+uJaTsgg="
Cancel-Lock: sha1:bHO67j1aTMHgkdNgyNQUSpHyX64=
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
 by: Adam H. Kerman - Sat, 28 Jan 2023 20:13 UTC

J.O. Aho <user@example.net> wrote:

>. . .

>I do suggest you use the smtp server that the SPF record defines as the
>one allowed, if you do not have access to use it, then ask if it would
>be possible get an account that can send from that smtp server.
>You will need to have different outgoing smtp for each domain.

As I have explained since the root article in this thread, I am using
the SMTP server for the domain in question. I use a different SMTP
server for each domain I send messages from. The SMTP server to use
is named in the role. None of this has anything to do with SPF.

No, I am not going to get a shell account on a host that's on the
network in question just so I can use alpine without violating the SPF
restriction. That doesn't meet my needs.

Re: SPF failure messages

<k3lgkaF6vcuU1@mid.individual.net>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=495&group=comp.mail.pine#495

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: use...@example.net (J.O. Aho)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sat, 28 Jan 2023 21:58:50 +0100
Lines: 37
Message-ID: <k3lgkaF6vcuU1@mid.individual.net>
References: <tr1gi7$1rs5v$1@dont-email.me> <06kfajxqvs.ln2@Telcontar.valinor>
<tr3i6d$29n3o$1@dont-email.me> <k3ld59F6vd0U1@mid.individual.net>
<tr3vkk$2c5ac$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net 9q8xdStobpKwDUoopQyYuAS6D0pyOnB5ckkZeGa5GqqyM1JFV5
Cancel-Lock: sha1:aI/MnCvCL1n8IlUaWyy/WqJ98OI=
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.6.1
Content-Language: en-US-large
In-Reply-To: <tr3vkk$2c5ac$1@dont-email.me>
 by: J.O. Aho - Sat, 28 Jan 2023 20:58 UTC

On 28/01/2023 21:13, Adam H. Kerman wrote:
> J.O. Aho <user@example.net> wrote:
>
>> . . .
>
>> I do suggest you use the smtp server that the SPF record defines as the
>> one allowed, if you do not have access to use it, then ask if it would
>> be possible get an account that can send from that smtp server.
>> You will need to have different outgoing smtp for each domain.
>
> As I have explained since the root article in this thread, I am using
> the SMTP server for the domain in question. I use a different SMTP
> server for each domain I send messages from. The SMTP server to use
> is named in the role. None of this has anything to do with SPF.

I did not see any mentioning that you hade configured domain specific
smtp servers, all I really saw was that you barfed on having to use
webmail to send.

If you are using the correct SMTP server for sending the mail, then SPF
will not affect you, on the other hand DMARC could affect you,
specially if the DKIM isn't properly configured on the sending SMTP or
the public key missing in the DNS domainkey record mentioned in the DKIM
signing.
Still the sending stmp server that will notify about mail rejected.

> No, I am not going to get a shell account on a host that's on the
> network in question just so I can use alpine without violating the SPF
> restriction. That doesn't meet my needs.

No one was talking about a shell account, mail account (the one you
have as sending email address) on the authorized smtp server.

--

//Aho

Re: SPF failure messages

<05hgajxnfi.ln2@Telcontar.valinor>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=496&group=comp.mail.pine#496

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: robin_li...@es.invalid (Carlos E.R.)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sat, 28 Jan 2023 22:37:04 +0100
Lines: 126
Message-ID: <05hgajxnfi.ln2@Telcontar.valinor>
References: <tr1gi7$1rs5v$1@dont-email.me> <06kfajxqvs.ln2@Telcontar.valinor>
<tr3i6d$29n3o$1@dont-email.me> <dj8gajxbic.ln2@Telcontar.valinor>
<tr3unt$2c2rs$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Trace: individual.net aWzrnknZzrrPXKBuZrDyjgMRXV7x1E0ZjmECXXY2MvWKy7IFXP
X-Orig-Path: Telcontar.valinor!not-for-mail
Cancel-Lock: sha1:TDtVR6R/5VzvnStLJmMwJ4GeGg4=
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.6.1
Content-Language: es-ES, en-CA
In-Reply-To: <tr3unt$2c2rs$1@dont-email.me>
 by: Carlos E.R. - Sat, 28 Jan 2023 21:37 UTC

On 2023-01-28 20:57, Adam H. Kerman wrote:
> Carlos E.R. <robin_listas@es.invalid> wrote:
>> On 2023-01-28 17:23, Adam H. Kerman wrote:
>>> Carlos E.R. <robin_listas@es.invalid> wrote:
>>>> On 2023-01-28 05:36, Adam H. Kerman wrote:
>>>>> John Levine <johnl@taugh.com> wrote:
>>>>>> It appears that Adam H. Kerman <ahk@chinet.com> said:
>
>>>>>>> I wonder: Am I receiving all SPF failure messages?
>
>>>>>> What do you mean by SPF failure messages? SPF is an authentication
>>>>>> scheme, it doesn't send anything. If you mean do all of the SMTP
>>>>>> rejections say "we hate your SPF", nope. Also keep in mind that few
>>>>>> non-hobbyist mail systems reject solely because of SPF failure.
>
>>>>> Perhaps if you'd read the rest of what I'd written, or even the entire
>>>>> paragraph, instead of just the one sentence, the meaning would have been
>>>>> entirely clear to you from context.
>
>>>>> The domain has an SPF policy. I don't have a shell account on the host
>>>>> of that domain. I do have various email addresses. Using alpine from my
>>>>> own host, I am in violation of the SPF policy. If the network receiving
>>>>> email enforces the domain's SPF policy, it won't receive my messages.
>
>>>> Well, you have to use the smtp server that is authorized to send email
>>>> for the domain, not yours.
>
>>> This is irrelevant to the issue that I have raised. In fact, if you had
>>> read the root article, I stated that I use roles, which is where SMTP is
>>> set up.
>
>> I know you are using roles.
>
> Then what could have possibly been the point of the comment that I have
> to use the SMTP server authorized to send email for that domain given that
> the user creates a role to tell alpine which SMTP server is authorized to
> send email for that domain?
>
> That's irrelevant to the SPF policy.
>
> I have a shell account on host1.example.net. I use alpine from the
> shell. I send messages from user1@example.com. In a role, when I am
> sending messages from user1@example.com, alpine is instructed to use the
> SMTP server smtp.example.com, the SMTP server that's authorized to send
> mail for the domain example.com.
>
> The SPF policy violation is that my email client is on a host that is
> in an unlisted foreign network.

No, that is not a violation.

For example, I use Alpine, with a role to send emails with
somename@telefonica.net. Alpine I have configured to pass the email to
my own postfix, which is on a dynamic address and thus not authorized by
Telefónica, obviously.

I pass the email over to smtp.telefonica.net. My postfix authenticates
as customer using a login and password, and then the smtp server sends
email to the destination. They are authorized.

cer@Telcontar:~> host -t TXT telefonica.net
telefonica.net descriptive text "zgk3kx4tm8vnwt6wmg09fym0s51slgt0"
telefonica.net descriptive text "0fgjbcgt3yv41fk9ghygq35k8v133xfp"
telefonica.net descriptive text "v=spf1 mx ptr:mailhost.telefonica.net
mx:dominios.telefonica.net include:spf2.telefonica.net
+a:spf.telefonica.net ip4:213.4.128.121 ip4:213.4.129.0/24
ip4:213.4.134.0/24 ip4:213.4.138.0/24 ip4:213.4.140.7 ip4:213.4.149.0/24
ip4:80.58.60.0/24" " include:spf.e.telefonica.net -all"
cer@Telcontar:~>

The IP of the machine I use to run alpine is irrelevant. It is logged,
but that is not the machine that has to be verified. If I ssh to this
machine from yet another to run Alpine, that is also irrelevant (and not
logged).

>
>>>>> If I'm being treated like a forger, I'm questioning whether the site
>>>>> necessarily sends a notice stating that the message was rejected, given
>>>>> that it's going to assume ENVELOPE-FROM was forged.
>
>>>> If by message you mean an email, no.
>
>>> Oh my gawd
>
>>> What is it with inability to glean meaning from context? Yes, I've
>>> been discussing email messages all along. That's what we discuss in
>>> this newsgroup.
>
>>>> The smtp server will reply with a more or less helpful "text", that
>>>> the smtp server that is talking on your behalf will log in the mail
>>>> log file. It is up to the sending smtp server to send you a rejection
>>>> email, or not.
>
>>> Asking about common practice of sending such a message was the entire
>>> point of this thread!
>
>>> If the message is rejected, then I'm being treated like a forging
>>> spammer per SPF policy. The receiving site would assume ENVELOPE-FROM
>>> was forged, and for that reason, there's no reason to send any failure
>>> notice to that address.
>
>>> I don't have access to log files. I've already stated that I don't have
>>> access to the DNS zone file, otherwise I'd fix SPF to reflect how we
>>> actually send messages.
>
>> And I am telling you that the SMTP server that refuses your email will
>> NEVER send you an email with the refusal reason. That is not how it works.
>
>> It is your own smtp server (usually at your provider or at your domain)
>> who is responsible to send you an email with the rejection.
>
> Ok. Thank you. That was helpful. Reviewing the failure notices, none of
> them came from the domain that refused the connection. None of them came
> from the SMTP server for the domain in question. Instead they came from
> the mail server in my own network.
>
> So that truly suggests I'm not missing any failure notices, which is
> what I needed to know.

Good :-)

--
Cheers, Carlos.

Re: SPF failure messages

<tr44mn$2d20o$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=497&group=comp.mail.pine#497

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: ahk...@chinet.com (Adam H. Kerman)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sat, 28 Jan 2023 21:39:35 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 31
Message-ID: <tr44mn$2d20o$1@dont-email.me>
References: <tr1gi7$1rs5v$1@dont-email.me> <k3ld59F6vd0U1@mid.individual.net> <tr3vkk$2c5ac$1@dont-email.me> <k3lgkaF6vcuU1@mid.individual.net>
Injection-Date: Sat, 28 Jan 2023 21:39:35 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="e23757c86b097709cac4e6f15575c4ff";
logging-data="2525208"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/8A3xay2OcjT5fcH6tTtattXyGO4R09Xg="
Cancel-Lock: sha1:6iMmBG7In4nIIDmcz5kUgES49tQ=
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
 by: Adam H. Kerman - Sat, 28 Jan 2023 21:39 UTC

J.O. Aho <user@example.net> wrote:
>On 28/01/2023 21:13, Adam H. Kerman wrote:
>>J.O. Aho <user@example.net> wrote:

>>>. . .

>>>I do suggest you use the smtp server that the SPF record defines as the
>>>one allowed, if you do not have access to use it, then ask if it would
>>>be possible get an account that can send from that smtp server.
>>>You will need to have different outgoing smtp for each domain.

>>As I have explained since the root article in this thread, I am using
>>the SMTP server for the domain in question. I use a different SMTP
>>server for each domain I send messages from. The SMTP server to use
>>is named in the role. None of this has anything to do with SPF.

>I did not see any mentioning that you hade configured domain specific
>smtp servers, . . .

For business purposes, I send email through a variety of domains,
each specific to a business. I have set up IMAP and roles within
alpine to facilitate this.

I wrote this in the root article. I repeated it in several followups.
This is irrelevant to the problem I'm having.

>If you are using the correct SMTP server for sending the mail, then SPF
>will not affect you, . . .

There's no point in discussing this with you since you refuse to believe
what I've literally written. Other people told me what I needed to know.

Re: SPF failure messages

<tr4633$2d20o$2@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=498&group=comp.mail.pine#498

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: ahk...@chinet.com (Adam H. Kerman)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sat, 28 Jan 2023 22:03:15 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 25
Message-ID: <tr4633$2d20o$2@dont-email.me>
References: <tr1gi7$1rs5v$1@dont-email.me> <dj8gajxbic.ln2@Telcontar.valinor> <tr3unt$2c2rs$1@dont-email.me> <05hgajxnfi.ln2@Telcontar.valinor>
Injection-Date: Sat, 28 Jan 2023 22:03:15 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="e23757c86b097709cac4e6f15575c4ff";
logging-data="2525208"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/1UjvN/LL/NkDEEzV6VdO2ASEPYinUJmo="
Cancel-Lock: sha1:pEiFmnWVR09E2Wme7rEK8SAVNEs=
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
 by: Adam H. Kerman - Sat, 28 Jan 2023 22:03 UTC

Carlos E.R. <robin_listas@es.invalid> wrote:
>On 2023-01-28 20:57, Adam H. Kerman wrote:

>>. . .

>>That's irrelevant to the SPF policy.

>>I have a shell account on host1.example.net. I use alpine from the
>>shell. I send messages from user1@example.com. In a role, when I am
>>sending messages from user1@example.com, alpine is instructed to use the
>>SMTP server smtp.example.com, the SMTP server that's authorized to send
>>mail for the domain example.com.

>>The SPF policy violation is that my email client is on a host that is
>>in an unlisted foreign network.

>No, that is not a violation.

As I've explained, the SPF policy has an -all restriction and rejects
the IP address of my host. It's literally in all the failure notices
I've received.

I cannot explain why your -all restriction isn't tripping you up.

>. . .

Re: SPF failure messages

<tr4a9u$1dsn$1@gal.iecc.com>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=499&group=comp.mail.pine#499

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!news.iecc.com!.POSTED.news.iecc.com!not-for-mail
From: joh...@taugh.com (John Levine)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sat, 28 Jan 2023 23:15:10 -0000 (UTC)
Organization: Taughannock Networks
Message-ID: <tr4a9u$1dsn$1@gal.iecc.com>
References: <tr1gi7$1rs5v$1@dont-email.me> <tr3unt$2c2rs$1@dont-email.me> <05hgajxnfi.ln2@Telcontar.valinor> <tr4633$2d20o$2@dont-email.me>
Injection-Date: Sat, 28 Jan 2023 23:15:10 -0000 (UTC)
Injection-Info: gal.iecc.com; posting-host="news.iecc.com:2001:470:1f07:1126:0:676f:7373:6970";
logging-data="46999"; mail-complaints-to="abuse@iecc.com"
In-Reply-To: <tr1gi7$1rs5v$1@dont-email.me> <tr3unt$2c2rs$1@dont-email.me> <05hgajxnfi.ln2@Telcontar.valinor> <tr4633$2d20o$2@dont-email.me>
Cleverness: some
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: johnl@iecc.com (John Levine)
 by: John Levine - Sat, 28 Jan 2023 23:15 UTC

According to Adam H. Kerman <ahk@chinet.com>:
>As I've explained, the SPF policy has an -all restriction and rejects
>the IP address of my host. It's literally in all the failure notices
>I've received.

I believe it, but I am also guessing that those are from very small systems.
As I said a few messages ago, serious mail systems ignore -all because there
are so many false positives. The place where -all causes trouble in practice
is with DMARC policies which depend on SPF alignment.

>I cannot explain why your -all restriction isn't tripping you up.

See above.

In any event, if your mail provider insists on a stupid configuration,
either you live with it, or you take your business elsewhere.

--
Regards,
John Levine, johnl@taugh.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly

Re: SPF failure messages

<k3lqt1F6vcuU2@mid.individual.net>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=500&group=comp.mail.pine#500

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: use...@example.net (J.O. Aho)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sun, 29 Jan 2023 00:54:09 +0100
Lines: 51
Message-ID: <k3lqt1F6vcuU2@mid.individual.net>
References: <tr1gi7$1rs5v$1@dont-email.me> <k3ld59F6vd0U1@mid.individual.net>
<tr3vkk$2c5ac$1@dont-email.me> <k3lgkaF6vcuU1@mid.individual.net>
<tr44mn$2d20o$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net fEdjaTtP4zVlGbIwpMrMjg20Hskx5L7BSi11ZKXQTezOZjFHvv
Cancel-Lock: sha1:ehAAyqax1Fuj5k2uwVo8Rgy1HZ8=
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.6.1
Content-Language: en-US-large
In-Reply-To: <tr44mn$2d20o$1@dont-email.me>
 by: J.O. Aho - Sat, 28 Jan 2023 23:54 UTC

On 28/01/2023 22:39, Adam H. Kerman wrote:
> J.O. Aho <user@example.net> wrote:
>> On 28/01/2023 21:13, Adam H. Kerman wrote:
>>> J.O. Aho <user@example.net> wrote:
>
>>>> . . .
>
>>>> I do suggest you use the smtp server that the SPF record defines as the
>>>> one allowed, if you do not have access to use it, then ask if it would
>>>> be possible get an account that can send from that smtp server.
>>>> You will need to have different outgoing smtp for each domain.
>
>>> As I have explained since the root article in this thread, I am using
>>> the SMTP server for the domain in question. I use a different SMTP
>>> server for each domain I send messages from. The SMTP server to use
>>> is named in the role. None of this has anything to do with SPF.
>
>> I did not see any mentioning that you hade configured domain specific
>> smtp servers, . . .
>
> For business purposes, I send email through a variety of domains,
> each specific to a business. I have set up IMAP and roles within
> alpine to facilitate this.
>
> I wrote this in the root article. I repeated it in several followups.
> This is irrelevant to the problem I'm having.

Still do not specify anything about your smtp setup, so if you have
issues due of SPF then your error is in the smtp-server in your ~/.pinerc

>> If you are using the correct SMTP server for sending the mail, then SPF
>> will not affect you, . . .
>
> There's no point in discussing this with you since you refuse to believe
> what I've literally written.

You are to vague and lack of example, like how the domains SPF record
look like.
if it's "v=spf1 -all" then no matter what smtp server you try to use, it
will not be accepted.

> Other people told me what I needed to know.

I can see you don't really trust them either... so your loss.

--

//Aho

Re: SPF failure messages

<9ppgajxtuq.ln2@Telcontar.valinor>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=501&group=comp.mail.pine#501

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: robin_li...@es.invalid (Carlos E.R.)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sun, 29 Jan 2023 01:04:25 +0100
Lines: 88
Message-ID: <9ppgajxtuq.ln2@Telcontar.valinor>
References: <tr1gi7$1rs5v$1@dont-email.me> <dj8gajxbic.ln2@Telcontar.valinor>
<tr3unt$2c2rs$1@dont-email.me> <05hgajxnfi.ln2@Telcontar.valinor>
<tr4633$2d20o$2@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net 59tb5tDHCWTJqjT3GpmKPwW8cNd8Ar7w9lHcozkUTkSWAErbk5
X-Orig-Path: Telcontar.valinor!not-for-mail
Cancel-Lock: sha1:PGuJPltiSql+XGuU4NNRhEeez6c=
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.6.1
Content-Language: es-ES, en-CA
In-Reply-To: <tr4633$2d20o$2@dont-email.me>
 by: Carlos E.R. - Sun, 29 Jan 2023 00:04 UTC

On 2023-01-28 23:03, Adam H. Kerman wrote:
> Carlos E.R. <robin_listas@es.invalid> wrote:
>> On 2023-01-28 20:57, Adam H. Kerman wrote:
>
>>> . . .
>
>>> That's irrelevant to the SPF policy.
>
>>> I have a shell account on host1.example.net. I use alpine from the
>>> shell. I send messages from user1@example.com. In a role, when I am
>>> sending messages from user1@example.com, alpine is instructed to use the
>>> SMTP server smtp.example.com, the SMTP server that's authorized to send
>>> mail for the domain example.com.
>
>>> The SPF policy violation is that my email client is on a host that is
>>> in an unlisted foreign network.
>
>> No, that is not a violation.
>
> As I've explained, the SPF policy has an -all restriction and rejects
> the IP address of my host. It's literally in all the failure notices
> I've received.

Well, without actually seeing the actual data, I can only guess that
someone is not doing things properly, or someone not interpreting things
properly.

>
> I cannot explain why your -all restriction isn't tripping you up.

Because I am doing it correctly :-)

I just sent an email to myself, from one account at telefonica to
another at gmail.

This is alpine talking with my postfix server:

Received: from localhost (localhost [127.0.0.1])
by Telcontar.valinor (Postfix) with ESMTP id AC3B4320A51
for <...@gmail.com>; Sun, 29 Jan 2023 00:48:59 +0100 (CET)

This is my ISP getting the email (with some line wrapping):

Received: from Telcontar.valinor (Y.red-X-151-90.dynamicip.rima-tde.net
[79.151.X.Y])
(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
(Authenticated sender: ...@telefonica.net)
by relayout04.e.movistar.es (Postfix) with ESMTPSA id 4P4B3w0pPWz17RY
for <...@gmail.com>; Sun, 29 Jan 2023 00:49:00 +0100 (CET)

This is google receiving it and verifying SPF:

Received: from relayout04-q02.e.movistar.es
(relayout04-q02.e.movistar.es. [86.109.101.172])
by mx.google.com with ESMTPS id
p19-20020a1c5453000000b003dc1d5ebb1fsi3235601wmi.95.2023.01.28.15.49.00
for <...@gmail.com>
(version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
Sat, 28 Jan 2023 15:49:00 -0800 (PST)

Received-SPF: pass (google.com: domain of ...@telefonica.net designates
86.109.101.172 as permitted sender) client-ip=86.109.101.172;

Authentication-Results: mx.google.com;
spf=pass (google.com: domain of ...@telefonica.net designates
86.109.101.172 as permitted sender) smtp.mailfrom=...@telefonica.net;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=telefonica.net

As you can see, Google doesn't care that the machine where I run Alpine,
at 79.151.X.Y, is not authorized. It doesn't even look at it. What it
looks is at the SMTP at 86.109.101.172, my ISP relay.

--
Cheers, Carlos.

Re: SPF failure messages

<tr4ddv$2ej8r$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=502&group=comp.mail.pine#502

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: ahk...@chinet.com (Adam H. Kerman)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sun, 29 Jan 2023 00:08:31 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 30
Message-ID: <tr4ddv$2ej8r$1@dont-email.me>
References: <tr1gi7$1rs5v$1@dont-email.me> <05hgajxnfi.ln2@Telcontar.valinor> <tr4633$2d20o$2@dont-email.me> <tr4a9u$1dsn$1@gal.iecc.com>
Injection-Date: Sun, 29 Jan 2023 00:08:31 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="1caf2c1db850228ba58e18614f75b4df";
logging-data="2575643"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+hU8oRZYoBjkiGsdOszQ1rJAJZ5/awJQc="
Cancel-Lock: sha1:iUFGLFmDSbISDEEo1rgW++iVht8=
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
 by: Adam H. Kerman - Sun, 29 Jan 2023 00:08 UTC

John Levine <johnl@taugh.com> wrote:
>According to Adam H. Kerman <ahk@chinet.com>:

>>As I've explained, the SPF policy has an -all restriction and rejects
>>the IP address of my host. It's literally in all the failure notices
>>I've received.

>I believe it, but I am also guessing that those are from very small systems.

Gmail?

>As I said a few messages ago, serious mail systems ignore -all because there
>are so many false positives. The place where -all causes trouble in practice
>is with DMARC policies which depend on SPF alignment.

>>I cannot explain why your -all restriction isn't tripping you up.

>See above.

>In any event, if your mail provider insists on a stupid configuration,
>either you live with it, or you take your business elsewhere.

I've explained and I've explained and I've explained. For bizarre
reasons, nearly everyone in this thread decided I was misrepresenting
the situation or flat-out lying. There's no reason to re-interpret what
I've written.

It's not the email provider. It's our very own SPF policy. I don't have
privileges. The guy who does isn't interested in changing it. I have no
idea how the SPF policy was put there; maybe the domain registrar.

Re: SPF failure messages

<tr4dng$2ej8r$2@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=503&group=comp.mail.pine#503

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: ahk...@chinet.com (Adam H. Kerman)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sun, 29 Jan 2023 00:13:36 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 9
Message-ID: <tr4dng$2ej8r$2@dont-email.me>
References: <tr1gi7$1rs5v$1@dont-email.me> <k3lgkaF6vcuU1@mid.individual.net> <tr44mn$2d20o$1@dont-email.me> <k3lqt1F6vcuU2@mid.individual.net>
Injection-Date: Sun, 29 Jan 2023 00:13:36 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="1caf2c1db850228ba58e18614f75b4df";
logging-data="2575643"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/BMwwYgBar7o+WmwCtKpvburT0nVkk0G0="
Cancel-Lock: sha1:/TYjgJaav/tvNNvueUHI7MCg9Xo=
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
 by: Adam H. Kerman - Sun, 29 Jan 2023 00:13 UTC

J.O. Aho <user@example.net> wrote:

>>. . .

>Still do not specify anything about your smtp setup, so if you have
>issues due of SPF then your error is in the smtp-server in your ~/.pinerc

At this point, you're trolling me. You are absolutely NOT reading
anything at all I've written and you have said NOTHING relevant.

Re: SPF failure messages

<tr4i7j$221b$1@gal.iecc.com>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=504&group=comp.mail.pine#504

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!news.iecc.com!.POSTED.news.iecc.com!not-for-mail
From: joh...@taugh.com (John Levine)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sun, 29 Jan 2023 01:30:27 -0000 (UTC)
Organization: Taughannock Networks
Message-ID: <tr4i7j$221b$1@gal.iecc.com>
References: <tr1gi7$1rs5v$1@dont-email.me> <tr4633$2d20o$2@dont-email.me> <tr4a9u$1dsn$1@gal.iecc.com> <tr4ddv$2ej8r$1@dont-email.me>
Injection-Date: Sun, 29 Jan 2023 01:30:27 -0000 (UTC)
Injection-Info: gal.iecc.com; posting-host="news.iecc.com:2001:470:1f07:1126:0:676f:7373:6970";
logging-data="67627"; mail-complaints-to="abuse@iecc.com"
In-Reply-To: <tr1gi7$1rs5v$1@dont-email.me> <tr4633$2d20o$2@dont-email.me> <tr4a9u$1dsn$1@gal.iecc.com> <tr4ddv$2ej8r$1@dont-email.me>
Cleverness: some
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: johnl@iecc.com (John Levine)
 by: John Levine - Sun, 29 Jan 2023 01:30 UTC

It appears that Adam H. Kerman <ahk@chinet.com> said:
>John Levine <johnl@taugh.com> wrote:
>>According to Adam H. Kerman <ahk@chinet.com>:
>
>>>As I've explained, the SPF policy has an -all restriction and rejects
>>>the IP address of my host. It's literally in all the failure notices
>>>I've received.
>
>>I believe it, but I am also guessing that those are from very small systems.
>
>Gmail?

I know people at Gmail and I would be very surprised if they rejected solely for SPF failure.

>>In any event, if your mail provider insists on a stupid configuration,
>>either you live with it, or you take your business elsewhere.
>
>I've explained and I've explained and I've explained. For bizarre
>reasons, nearly everyone in this thread decided I was misrepresenting
>the situation or flat-out lying. There's no reason to re-interpret what
>I've written.

This seems appropriate: https://xkcd.com/1984/

--
Regards,
John Levine, johnl@taugh.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly

Re: SPF failure messages

<tr4l2i$2g189$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=505&group=comp.mail.pine#505

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: ahk...@chinet.com (Adam H. Kerman)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sun, 29 Jan 2023 02:18:58 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 19
Message-ID: <tr4l2i$2g189$1@dont-email.me>
References: <tr1gi7$1rs5v$1@dont-email.me> <tr4a9u$1dsn$1@gal.iecc.com> <tr4ddv$2ej8r$1@dont-email.me> <tr4i7j$221b$1@gal.iecc.com>
Injection-Date: Sun, 29 Jan 2023 02:18:58 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="1caf2c1db850228ba58e18614f75b4df";
logging-data="2622729"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18NiA/Cf7FH1/1h9GXJjPsWi7+dFsgjTKw="
Cancel-Lock: sha1:pfCX3OcpARGtXN24U8wMe5Z72zM=
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
 by: Adam H. Kerman - Sun, 29 Jan 2023 02:18 UTC

John Levine <johnl@taugh.com> wrote:
>It appears that Adam H. Kerman <ahk@chinet.com> said:
>>John Levine <johnl@taugh.com> wrote:
>>>According to Adam H. Kerman <ahk@chinet.com>:

>>>>As I've explained, the SPF policy has an -all restriction and rejects
>>>>the IP address of my host. It's literally in all the failure notices
>>>>I've received.

>>>I believe it, but I am also guessing that those are from very small systems.

>>Gmail?

>I know people at Gmail and I would be very surprised if they rejected
>solely for SPF failure.

Got it. I'm the one who lied about the failure notice.

>>>. . .

Re: SPF failure messages

<k3n236F6vd0U2@mid.individual.net>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=507&group=comp.mail.pine#507

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: use...@example.net (J.O. Aho)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sun, 29 Jan 2023 12:03:02 +0100
Lines: 45
Message-ID: <k3n236F6vd0U2@mid.individual.net>
References: <tr1gi7$1rs5v$1@dont-email.me> <dj8gajxbic.ln2@Telcontar.valinor>
<tr3unt$2c2rs$1@dont-email.me> <05hgajxnfi.ln2@Telcontar.valinor>
<tr4633$2d20o$2@dont-email.me> <9ppgajxtuq.ln2@Telcontar.valinor>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Trace: individual.net TkKVnDfkChSsIaC+BtV2sQWMfu4GxfN6wrC/HdIf8M8rKD+nWS
Cancel-Lock: sha1:TSaX2GpBtLhnfJjozLR23eklymc=
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.6.1
Content-Language: en-US-large
In-Reply-To: <9ppgajxtuq.ln2@Telcontar.valinor>
 by: J.O. Aho - Sun, 29 Jan 2023 11:03 UTC

On 29/01/2023 01:04, Carlos E.R. wrote:

> This is google receiving it and verifying SPF:
>
>
> Received: from relayout04-q02.e.movistar.es
> (relayout04-q02.e.movistar.es. [86.109.101.172])
>         by mx.google.com with ESMTPS id
> p19-20020a1c5453000000b003dc1d5ebb1fsi3235601wmi.95.2023.01.28.15.49.00
>         for <...@gmail.com>
>         (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305
> bits=256/256);
>         Sat, 28 Jan 2023 15:49:00 -0800 (PST)
>
> Received-SPF: pass (google.com: domain of ...@telefonica.net designates
> 86.109.101.172 as permitted sender) client-ip=86.109.101.172;
>
> Authentication-Results: mx.google.com;
>        spf=pass (google.com: domain of ...@telefonica.net designates
> 86.109.101.172 as permitted sender) smtp.mailfrom=...@telefonica.net;
>        dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=telefonica.net
>
>
>
> As you can see, Google doesn't care that the machine where I run Alpine,
> at 79.151.X.Y, is not authorized. It doesn't even look at it. What it
> looks is at the SMTP at 86.109.101.172, my ISP relay.

It's about the delivering systems IP, not about what is the origin
senders IP, but OP is skeptical to most told to him.

As OP not posted any real information, there are just a few options:

- He send it directly from the client to the recipients mx server as
local sendmail
- He uses a mail server which ain't included in the SPF record

Had he provided the bounce mail with header, then I think we could see
the real fault (misconfiguration of DMARC/SPF or alpine/pine).

--

//Aho

Re: SPF failure messages

<0q5iajxsph.ln2@Telcontar.valinor>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=508&group=comp.mail.pine#508

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: robin_li...@es.invalid (Carlos E.R.)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sun, 29 Jan 2023 13:35:44 +0100
Lines: 43
Message-ID: <0q5iajxsph.ln2@Telcontar.valinor>
References: <tr1gi7$1rs5v$1@dont-email.me> <dj8gajxbic.ln2@Telcontar.valinor>
<tr3unt$2c2rs$1@dont-email.me> <05hgajxnfi.ln2@Telcontar.valinor>
<tr4633$2d20o$2@dont-email.me> <9ppgajxtuq.ln2@Telcontar.valinor>
<k3n236F6vd0U2@mid.individual.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Trace: individual.net xLWg6Spt1mVHtiE7x1eZ4AORNEBRMrAyLd5oqMnrH7TsU/QL6y
X-Orig-Path: Telcontar.valinor!not-for-mail
Cancel-Lock: sha1:MRV8zKP4WbVhzwOrLkaze7pxCIY=
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.6.1
Content-Language: es-ES, en-CA
In-Reply-To: <k3n236F6vd0U2@mid.individual.net>
 by: Carlos E.R. - Sun, 29 Jan 2023 12:35 UTC

On 2023-01-29 12:03, J.O. Aho wrote:
> On 29/01/2023 01:04, Carlos E.R. wrote:
>
>> This is google receiving it and verifying SPF:
>>
>>
>> Received: from relayout04-q02.e.movistar.es
>> (relayout04-q02.e.movistar.es. [86.109.101.172])
>>          by mx.google.com with ESMTPS id p19-20020a1c5453000000b003dc1d5ebb1fsi3235601wmi.95.2023.01.28.15.49.00
>>          for <...@gmail.com>
>>          (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
>>          Sat, 28 Jan 2023 15:49:00 -0800 (PST)
>>
>> Received-SPF: pass (google.com: domain of ...@telefonica.net
>> designates 86.109.101.172 as permitted sender) client-ip=86.109.101.172;
>>
>> Authentication-Results: mx.google.com;
>>         spf=pass (google.com: domain of ...@telefonica.net designates 86.109.101.172 as permitted sender) smtp.mailfrom=...@telefonica.net;
>>         dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=telefonica.net
>>
>>
>>
>> As you can see, Google doesn't care that the machine where I run
>> Alpine, at 79.151.X.Y, is not authorized. It doesn't even look at it.
>> What it looks is at the SMTP at 86.109.101.172, my ISP relay.
>
> It's about the delivering systems IP, not about what is the origin
> senders IP, but OP is skeptical to most told to him.
>
> As OP not posted any real information, there are just a few options:
>
> - He send it directly from the client to the recipients mx server as
> local sendmail
> - He uses a mail server which ain't included in the SPF record
>
> Had he provided the bounce mail with header, then I think we could see
> the real fault (misconfiguration of DMARC/SPF or alpine/pine).
Right. Lacking the actual report, we can only make guesses based on his
interpretation, which may be correct or not.

--
Cheers, Carlos.

Re: SPF failure messages

<tr69fa$2rkg7$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=509&group=comp.mail.pine#509

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: ahk...@chinet.com (Adam H. Kerman)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sun, 29 Jan 2023 17:13:14 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 24
Message-ID: <tr69fa$2rkg7$1@dont-email.me>
References: <tr1gi7$1rs5v$1@dont-email.me> <tr4633$2d20o$2@dont-email.me> <9ppgajxtuq.ln2@Telcontar.valinor> <k3n236F6vd0U2@mid.individual.net>
Injection-Date: Sun, 29 Jan 2023 17:13:14 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="1caf2c1db850228ba58e18614f75b4df";
logging-data="3002887"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+dU8sS1w1js8u+bsLFC3fHEQcWuqC6W3A="
Cancel-Lock: sha1:wFjsmxfolbdFLpUw+ercS5Bm+Q8=
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
 by: Adam H. Kerman - Sun, 29 Jan 2023 17:13 UTC

J.O. Aho <user@example.net> wrote:

>It's about the delivering systems IP, not about what is the origin
>senders IP, but OP is skeptical to most told to him.

>As OP not posted any real information, there are just a few options:

I posted real information. You simply chose to call me a liar.

>- He send it directly from the client to the recipients mx server as
>local sendmail

I did nothing of the kind.

>- He uses a mail server which ain't included in the SPF record

I am doing nothing of the kind.

>Had he provided the bounce mail with header, then I think we could see
>the real fault (misconfiguration of DMARC/SPF or alpine/pine).

There is no DMARC policy, yet several of you chose to accuse me of lying
about that as well. Why the hell did you raise pine? Pine never had a
roles feature. Now I'm also lying about using alpine.

Re: SPF failure messages

<29piajx9ip.ln2@Telcontar.valinor>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=510&group=comp.mail.pine#510

 copy link   Newsgroups: comp.mail.pine
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: robin_li...@es.invalid (Carlos E.R.)
Newsgroups: comp.mail.pine
Subject: Re: SPF failure messages
Date: Sun, 29 Jan 2023 19:08:02 +0100
Lines: 19
Message-ID: <29piajx9ip.ln2@Telcontar.valinor>
References: <tr1gi7$1rs5v$1@dont-email.me> <tr4633$2d20o$2@dont-email.me>
<9ppgajxtuq.ln2@Telcontar.valinor> <k3n236F6vd0U2@mid.individual.net>
<tr69fa$2rkg7$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net MxFDSdFEVGulETiDITMI3w+gN0hFbUDnIINp133rLM/ANu2iH4
X-Orig-Path: Telcontar.valinor!not-for-mail
Cancel-Lock: sha1:lziW/JkesMBwR7KBRVJxoA4xDqg=
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.6.1
Content-Language: es-ES, en-CA
In-Reply-To: <tr69fa$2rkg7$1@dont-email.me>
 by: Carlos E.R. - Sun, 29 Jan 2023 18:08 UTC

On 2023-01-29 18:13, Adam H. Kerman wrote:
> J.O. Aho <user@example.net> wrote:
>
>> It's about the delivering systems IP, not about what is the origin
>> senders IP, but OP is skeptical to most told to him.
>
>> As OP not posted any real information, there are just a few options:
>
> I posted real information. You simply chose to call me a liar.

Sorry, no, you did not.

We did not see the reject email.

And no, no one accuses you of lying.

--
Cheers, Carlos.

Pages:12
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor