Re: [spfbis] Question regarding RFC 7208
Hector Santos <hsantos@isdg.net> Mon, 08 May 2023 14:41 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: spfbis@ietfa.amsl.com
Delivered-To: spfbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED7E5C151B29 for <spfbis@ietfa.amsl.com>; Mon, 8 May 2023 07:41:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.087
X-Spam-Level:
X-Spam-Status: No, score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_MIME_MALF=0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isdg.net header.b="a16ejVNZ"; dkim=pass (1024-bit key) header.d=beta.winserver.com header.b="x0Vdioer"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gke38toBig8A for <spfbis@ietfa.amsl.com>; Mon, 8 May 2023 07:41:10 -0700 (PDT)
Received: from mail.winserver.com (mail.winserver.com [3.137.120.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 19B6EC151B22 for <spfbis@ietf.org>; Mon, 8 May 2023 07:41:09 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha256; c=simple/relaxed; l=15483; t=1683556864; atps=ietf.org; atpsh=sha1; h=Received:Received:Received:Received:From:Message-Id:Subject: Date:To:Organization:List-ID; bh=yTBGYEuNYAvNLhdJ4Ks7Y9D78Ep63El Sm8o/u3A0UIE=; b=a16ejVNZ7l/h++64gIr8qOdCuX+rTUjTcleHB8NbnvZUfN1 7Gc+RuxoZ5Vr6QEhEWZpf+2POWXw7n59m/RNjNdDv1DDL98i0A7UYUfWQ+w7eLua YmBCAuPxSgxaPbhumId1g0sbUDyN7TY4tNLJ7z7wP8HFfUFS5Z6aTRxiKKZM=
Received: by winserver.com (Wildcat! SMTP Router v8.0.454.13) for spfbis@ietf.org; Mon, 08 May 2023 10:41:04 -0400
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; adsp=none author.d=isdg.net signer.d=beta.winserver.com; dmarc=pass policy=reject author.d=isdg.net signer.d=beta.winserver.com (atps signer);
Received: from beta.winserver.com ([3.132.92.116]) by winserver.com (Wildcat! SMTP v8.0.454.13) with ESMTP id 3949623785.1.8052; Mon, 08 May 2023 10:41:03 -0400
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=15483; t=1683556859; h=Received:Received: From:Message-Id:Subject:Date:To:Organization:List-ID; bh=yTBGYEu NYAvNLhdJ4Ks7Y9D78Ep63ElSm8o/u3A0UIE=; b=x0VdioerFX89Ftxu6EcP7QS uZTdvqtKNmM0UMJbIBXENbC5r/M6Txj9Qv8jNXMrtyGnjtYkr58TLY1aWyEDPlVd mBtMHnv+TVrU/iKw4bVxOfU529JP2ZXLhWn02LiSpqxs1TcmNJ3wkAvUnyrGNQvz ZDuXHnI3WFKaH7y+nREU=
Received: by beta.winserver.com (Wildcat! SMTP Router v8.0.454.12) for spfbis@ietf.org; Mon, 08 May 2023 10:40:59 -0400
Received: from smtpclient.apple ([99.122.210.89]) by beta.winserver.com (Wildcat! SMTP v8.0.454.12) with ESMTP id 100696552.1.16160; Mon, 08 May 2023 10:40:59 -0400
From: Hector Santos <hsantos@isdg.net>
Message-Id: <D2660900-780E-4C2C-9B37-8BEEFF5B0455@isdg.net>
Content-Type: multipart/alternative; boundary="Apple-Mail=_FBE83A37-AA80-4161-AEDC-4CF60E7A1729"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\))
Date: Mon, 08 May 2023 10:40:48 -0400
In-Reply-To: <CAP1hoyTozv3ORGE==Xq347HkCG7B6jM3ip1a2QM0Y4C4LBT8mQ@mail.gmail.com>
Cc: TerenceW@crswebsite.com, spfbis@ietf.org
To: Mark Alley <mark.alley=40tekmarc.com@dmarc.ietf.org>
References: <020d01d97db1$50de7560$f29b6020$@crswebsite.com> <CAP1hoyTozv3ORGE==Xq347HkCG7B6jM3ip1a2QM0Y4C4LBT8mQ@mail.gmail.com>
X-Mailer: Apple Mail (2.3731.400.51.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/spfbis/E-S7mAvEhxtB1QPdHbwB4W_ZWP0>
Subject: Re: [spfbis] Question regarding RFC 7208
X-BeenThere: spfbis@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: SPFbis discussion list <spfbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spfbis>, <mailto:spfbis-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spfbis/>
List-Post: <mailto:spfbis@ietf.org>
List-Help: <mailto:spfbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spfbis>, <mailto:spfbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 May 2023 14:41:15 -0000
+1 on suggestion. myfloorschedule.com <http://myfloorschedule.com/> has a DMARC p=none record. Using DMARC presumes there are two things expected in the transaction; SPF and DKIM with aligned domains. But the p=none policy suggest no rejection/quarantine is desired if errors are detected. However, Local policy probably has other things going on related to DMARC/SPF. Start with the SPF setup suggestion and also make sure there is a DKIM-signature the signer d=myfloorschedule.com <http://myfloorschedule.com/> — HLS > On May 7, 2023, at 4:34 PM, Mark Alley <mark.alley=40tekmarc.com@dmarc.ietf.org> wrote: > > It appears myfloorschedule.com <http://myfloorschedule.com/> doesn't have an SPF record. This particular recipients mail filter might have a strict local policy about domains with no SPF record. > > If you add an SPF record to "myfloorschedule.com <http://myfloorschedule.com/>" that looks something like the below, does that fix the problem? > > myfloorschedule.com <http://myfloorschedule.com/> IN TXT "v=spf1 include:spf.smtp2go.com <http://spf.smtp2go.com/> ?all" > > Use the neutral ?all qualifier just to test so it doesn't change the behavior for other mail streams on the domain. > > -Mark Alley > > > On Sun, May 7, 2023, 2:50 PM Terence at CRS <TerenceW@crswebsite.com <mailto:TerenceW@crswebsite.com>> wrote: >> Good morning. >> >> >> >> We use a service to send out emails for our customers. >> >> The From email is from the sending server, so there should be no SPF error. If you reply to the email you are sent to the customer email. >> >> Most email servers allow this, but a few do not including ioa.com <http://ioa.com/> and gate.net <http://gate.net/> which will not deliver the email. >> >> If you’ll review the header you’ll see that the From address matches the envelope address. >> >> Why would we then get this rule triggered and the email not delivered? >> >> Thank you. >> >> Terence Wehle >> >> 888-448-4049 >> >> www.floorscheduleweb.com <http://www.floorscheduleweb.com/> >> >> >> rule: >> >> Email on the Internet can be forged in a number of ways. In particular, existing protocols place no restriction on what a sending host can use as the "MAIL FROM" of a message or the domain given on the SMTP HELO/EHLO commands. This document describes version 1 of the Sender Policy Framework (SPF) protocol, whereby ADministrative Management Domains (ADMDs) can explicitly authorize the hosts that are allowed to use their domain names, and a receiving host can check such authorization. >> >> >> >> return error: >> >> johnes@ioa.com <mailto:johnes@ioa.com> >> host mx02.earthlink-vadesecure.net <http://mx02.earthlink-vadesecure.net/> [51.81.61.71] >> >> Remote host closed connection in response to HELO mail1.exim.smtpcorp.com <http://mail1.exim.smtpcorp.com/> (EHLO response was: >> >> 550 5.7.1 HELO command rejected - ELNK001_203 - https://postmaster-earthlink.vadesecure.com/inbound_error_codes/#_203): >> >> retry timeout exceeded >> >> >> >> Email Header: >> >> Received: from [10.96.31.33] (helo=ss16-010) >> >> by smtpcorp.com <http://smtpcorp.com/> with esmtpsa (TLS1.0:ECDHE_SECP256R1__RSA_SHA1__AES_256_CBC__SHA1:256) >> >> (Exim 4.96-S2G) >> >> (envelope-from shift-reminder@myfloorschedule.com <mailto:shift-reminder@myfloorschedule.com>) >> >> id 1pu7Qr-rlnJZO-2W >> >> for johnes@ioa.com <mailto:johnes@ioa.com>; >> >> Wed, 03 May 2023 08:01:49 +0000 >> >> MIME-Version: 1.0 >> >> From: "Shift Reminder" shift-reminder@myfloorschedule.com <mailto:shift-reminder@myfloorschedule.com> >> To: johnes@ioa.com <mailto:johnes@ioa.com> >> Reply-To: glennc@c21mountainlifestyles.com <mailto:glennc@c21mountainlifestyles.com> >> Date: 3 May 2023 01:01:49 -0700 >> >> Subject: Floor Duty Reminder >> >> Content-Type: multipart/alternative; >> >> boundary=--boundary_50571_e0bcab2a-d13a-475b-b2a1-026ba9f1199c >> >> Message-Id: E1pu7Qr-rlnJZO-2W@message-id.smtpcorp.com <mailto:E1pu7Qr-rlnJZO-2W@message-id.smtpcorp.com>_______________________________________________ >> spfbis mailing list >> spfbis@ietf.org <mailto:spfbis@ietf.org> >> https://www.ietf.org/mailman/listinfo/spfbis > _______________________________________________ > spfbis mailing list > spfbis@ietf.org > https://www.ietf.org/mailman/listinfo/spfbis
- [spfbis] Question regarding RFC 7208 Terence at CRS
- Re: [spfbis] Question regarding RFC 7208 Mark Alley
- Re: [spfbis] Question regarding RFC 7208 Hector Santos