Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: how to implement SPF

  1. #11
    sadiq007 is offline Special Member
    Join Date
    May 2009
    Location
    INDIA
    Posts
    104
    Rep Power
    6

    Default

    any more idea?
    Last edited by sadiq007; 07-03-2010 at 04:46 AM.

  2. #12
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,504
    Rep Power
    57

    Default

    Quote Originally Posted by sadiq007 View Post
    anybody there to help me?
    I thought I'd answered that earlier? You'll find that perl-Mail-SPF (Mail::SPF) is not perl-Mail-SPF-Query (Mail::SPF::Query), you have installed perl-Mail-SPF and therefore running the command:

    Code:
    perl -e 'require Mail::SPF::Query'
    is returning the correct results because it isn't installed nor should it be (it's not been maintained for years).
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #13
    sadiq007 is offline Special Member
    Join Date
    May 2009
    Location
    INDIA
    Posts
    104
    Rep Power
    6

    Default

    sorry bill you are right,
    i had installed perl-Mail-SPF so i need to run perl -e 'require Mail::SPF' only, not perl -e 'require Mail::SPF::Query'
    and now perl -e 'require Mail::SPF' return with no error , so i think it installed correctlly... apart from this for SPF implementation i added following lines in to salocal.cf and salocal.cf.in
    score SPF_FAIL 10.000
    score SPF_HELO_FAIL 10.000
    SPF plugin is already enabled in /opt/zimbra/conf/spamassassin/init.pre
    My domain contain following txt record for SPF "v=spf1 ip4:203.77.192.0/24 ip4:61.16.226.0/24 ~all"
    after zmamavisdctl restart zimbra.log showing me
    mail amavis[32374]: Module Mail::SPF v2.006
    but yet if i send fake mail from site like ANONYMAILER | Send Fake Mail Pranks Anonymously as a fake local user of my mail-server to my another local user.... then my mail server is still receiving such mail and delevering it to inbox.
    So how can i test more that my SPF is configured ok or still something missing? simply how to test that SPF working or not?

    ####This is my regular mail header which showing SPF test also####

    X-Virus-Scanned: amavisd-new at mydomain.com
    X-Spam-Flag: NO
    X-Spam-Score: -1.186
    X-Spam-Level:
    X-Spam-Status: No, score=-1.186 tagged_above=-10 required=6.6
    tests=[BAYES_40=-0.185, RCVD_IN_DNSWL_LOW=-1, SPF_PASS=-0.001]
    autolearn=ham
    Received: from mail.mydomain.com ([127.0.0.1])
    by localhost (mail.mydomain.com [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id 9M0AIEVRXnYt for <zmtest@mydomain.com>;
    Sat, 3 Jul 2010 17:19:36 +0530 (IST)
    Received: from mail.mydomain.com (mail.mydomain.com [219.64.84.60])
    by mail.mydomain.com (Postfix) with ESMTP id C83E51678024
    for <zmtest@mydomain.com>; Sat, 3 Jul 2010 17:19:36 +0530 (IST)
    Received: from localhost (localhost.localdomain [127.0.0.1])
    by mail.mydomain.com (Postfix) with ESMTP id C14423370471
    for <zmtest@mydomain.com>; Sat, 3 Jul 2010 16:48:09 +0530 (IST)
    X-Virus-Scanned: amavisd-new at mail.mydomain.com

    ####This is fake mail header sending from anonymailer.net ( why there is no sPF test in this header?)##

    X-Virus-Scanned: amavisd-new at mydomain.com
    X-Spam-Flag: NO
    X-Spam-Score: -2.598
    X-Spam-Level:
    X-Spam-Status: No, score=-2.598 tagged_above=-10 required=6.6
    tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001] autolearn=ham
    Received: from mail.mydomain.com ([127.0.0.1])
    by localhost (mail.mydomain.com [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id 2-Fd8g+VeXVe for <zmtest@mydomain.com>;
    Sat, 3 Jul 2010 17:21:15 +0530 (IST)
    Received: from WEB23.corp.parking.ru (web23.corp.parking.ru [195.128.121.26])
    by mail.mydomain.com (Postfix) with ESMTP id E2F571678024
    for <zmtest@mydomain.com>; Sat, 3 Jul 2010 17:21:14 +0530 (IST)
    Received: from WEB23 ([127.0.0.1]) by WEB23.corp.parking.ru with Microsoft SMTPSVC(7.0.6002.18222);
    Sat, 3 Jul 2010 15:49:12 +0400

    why still my server receiving mail for local user from another local user but not send my my mail-server?
    Last edited by sadiq007; 07-03-2010 at 05:01 AM.

  4. #14
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,504
    Rep Power
    57

    Default

    Sorry, I've only just realised what you are trying to do. That article isn't valid for ZCS 6.x and you don't need to install that perl module any more as it's supplied with Zimbra and the SPF scoring is handled by Spamassassin from the following rule:

    Code:
    cat /opt/zimbra/conf/spamassassin/50_scores.cf | grep SPF
    
    score RCVD_IN_IADB_SPF 0 -0.001 0 -0.059 # n=0 n=2
    ifplugin Mail::SpamAssassin::Plugin::SPF
    score USER_IN_SPF_WHITELIST -100.000
    score USER_IN_DEF_SPF_WL -7.500
    score ENV_AND_HDR_SPF_MATCH -0.5
    endif # Mail::SpamAssassin::Plugin::SPF
    # SPF
    # Note that the benefit for a valid SPF record is deliberately minimal; it's
    # likely that more spammers would quickly move to setting valid SPF records
    ifplugin Mail::SpamAssassin::Plugin::SPF
    score SPF_PASS -0.001
    score SPF_HELO_PASS -0.001
    score SPF_FAIL 0 0.919 0 0.001 # n=0 n=2
    score SPF_HELO_FAIL 0 0.001 0 0.001 # n=0 n=2
    score SPF_HELO_NEUTRAL 0 0.001 0 0.112 # n=0 n=2
    score SPF_HELO_SOFTFAIL 0 0.896 0 0.732 # n=0 n=2
    score SPF_NEUTRAL 0 0.652 0 0.779 # n=0 n=2
    score SPF_SOFTFAIL 0 0.972 0 0.665 # n=0 n=2
    endif # Mail::SpamAssassin::Plugin::SPF
    .... and this one:

    Code:
    cat /opt/zimbra/conf/spamassassin/25_spf.cf
    # SpamAssassin - SPF rules
    #
    # Please don't modify this file as your changes will be overwritten with
    # the next update. Use @@LOCAL_RULES_DIR@@/local.cf instead.
    # See 'perldoc Mail::SpamAssassin::Conf' for details.
    #
    # <@LICENSE>
    # Licensed to the Apache Software Foundation (ASF) under one or more
    # contributor license agreements.  See the NOTICE file distributed with
    # this work for additional information regarding copyright ownership.
    # The ASF licenses this file to you under the Apache License, Version 2.0
    # (the "License"); you may not use this file except in compliance with
    # the License.  You may obtain a copy of the License at:
    # 
    #     http://www.apache.org/licenses/LICENSE-2.0
    # 
    # Unless required by applicable law or agreed to in writing, software
    # distributed under the License is distributed on an "AS IS" BASIS,
    # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    # See the License for the specific language governing permissions and
    # limitations under the License.
    # </@LICENSE>
    #
    ###########################################################################
    
    # Requires the Mail::SpamAssassin::Plugin::SPF plugin be loaded.
    
    ifplugin Mail::SpamAssassin::Plugin::SPF
    
    # SPF support:
    #   "pass" is nice
    #   "neutral" is somewhat bad
    #   "fail" is bad
    #   "softfail" is bad, but not as bad as "fail"
    # These are more trustworthy results than the SPF_HELO rules.
    
    header SPF_PASS                 eval:check_for_spf_pass()
    header SPF_NEUTRAL              eval:check_for_spf_neutral()
    header SPF_FAIL                 eval:check_for_spf_fail()
    header SPF_SOFTFAIL             eval:check_for_spf_softfail()
    
    # NOTE: SPF_HELO_PASS is not incredibly hard to fake, so shouldn't
    # provide much in the way of points compared to SPF_PASS et al.
    # However, a *failure* is still a very good spamsign.
    
    header SPF_HELO_PASS            eval:check_for_spf_helo_pass()
    header SPF_HELO_NEUTRAL         eval:check_for_spf_helo_neutral()
    header SPF_HELO_FAIL            eval:check_for_spf_helo_fail()
    header SPF_HELO_SOFTFAIL        eval:check_for_spf_helo_softfail()
    
    describe SPF_PASS               SPF: sender matches SPF record
    describe SPF_NEUTRAL            SPF: sender does not match SPF record (neutral)
    describe SPF_FAIL               SPF: sender does not match SPF record (fail)
    describe SPF_SOFTFAIL           SPF: sender does not match SPF record (softfail)
    describe SPF_HELO_PASS          SPF: HELO matches SPF record
    describe SPF_HELO_NEUTRAL       SPF: HELO does not match SPF record (neutral)
    describe SPF_HELO_FAIL          SPF: HELO does not match SPF record (fail)
    describe SPF_HELO_SOFTFAIL      SPF: HELO does not match SPF record (softfail)
    
    # these are "userconf" so that scores are set by hand
    tflags SPF_PASS                 nice userconf net
    tflags SPF_HELO_PASS            nice userconf net
    tflags SPF_NEUTRAL              net
    tflags SPF_FAIL                 net
    tflags SPF_SOFTFAIL             net
    tflags SPF_HELO_NEUTRAL         net
    tflags SPF_HELO_FAIL            net
    tflags SPF_HELO_SOFTFAIL        net
    
    # rules from earlier than current release that can be reused
    reuse  SPF_PASS
    reuse  SPF_FAIL
    reuse  SPF_SOFTFAIL
    reuse  SPF_HELO_PASS
    reuse  SPF_HELO_FAIL
    reuse  SPF_HELO_SOFTFAIL
    reuse  SPF_NEUTRAL
    reuse  SPF_HELO_NEUTRAL
    
    endif   # Mail::SpamAssassin::Plugin::SPF
    Last edited by phoenix; 07-03-2010 at 06:37 AM.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #15
    sadiq007 is offline Special Member
    Join Date
    May 2009
    Location
    INDIA
    Posts
    104
    Rep Power
    6

    Default

    you mean with ZCS 6.x or higher there is no need to install perl-Mail-SPF just need to score high for SPF fail to reject mails?
    Simply how can i test SPF with zimbra working or not ?

  6. #16
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,504
    Rep Power
    57

    Default

    Quote Originally Posted by sadiq007 View Post
    you mean with ZCS 6.x or higher there is no need to install perl-Mail-SPF just need to score high for SPF fail to reject mails?
    That's correct.

    Quote Originally Posted by sadiq007 View Post
    Simply how can i test SPF with zimbra working or not ?
    You've already done that according to the headers you posted earlier. You can also send an email from a service that uses SPF (such as gmail) and look at the headers for an SPF setting.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  7. #17
    damjanster is offline Junior Member
    Join Date
    May 2009
    Posts
    8
    Rep Power
    6

    Default

    How should I fix those scores to have SPF_FAIL and SPF_HELO_FAIL tagged mail rejected?
    I have tried to use:
    score SPF_FAIL 10.000
    score SPF_HELO_FAIL 10.000
    but it does not seem to work. I've put these values in the local.cf.in.

    I have installed Zimbra 7.1x which is set behind a firewall. It has a local private-range IP address with just the needed ports forwarded through the fw. I am wondering if that could be the problem, since I have set the private subnet and the 127.0.0.1 to the "trusted networks". Could that interfere with spam detection in any way? I am thinking about unsetting the trusted networks settings.
    Last edited by damjanster; 05-10-2012 at 12:44 AM.

Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] Does Zimbra check SPF records for incoming emails
    By priyadarsanroy in forum Administrators
    Replies: 8
    Last Post: 04-13-2010, 04:51 AM
  2. how to implement strong antispam
    By viaris in forum Administrators
    Replies: 8
    Last Post: 07-01-2009, 09:59 AM
  3. [SOLVED] Help with spf record
    By fernandoflorez in forum Administrators
    Replies: 4
    Last Post: 05-26-2009, 10:58 PM
  4. SPF Question
    By randall in forum Installation
    Replies: 12
    Last Post: 12-07-2008, 06:22 AM
  5. New Book: Zimbra: Implement, Administer, Manage
    By bhickey in forum Administrators
    Replies: 8
    Last Post: 11-30-2007, 08:57 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •