[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-hackers-public] improving spf (anti-spam) measures from outgoi
|
From: |
Assaf Gordon |
|
Subject: |
[Savannah-hackers-public] improving spf (anti-spam) measures from outgoing emails from savannah |
|
Date: |
Sat, 04 Apr 2015 15:42:07 -0400 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 |
Hello,
regarding savannah mail marked as 'spam' (the 'address@hidden' mails):
If I understand the current settings correctly, it seems outgoing mail
originating from 'frontend.savannah.gnu.org' does not have a valid SPF field
(for server 'savannah.gnu.org').
Do you think adding a DNS TXT record could improve the SPF filtering?
Details:
1. email sent from fencepost (from gnu.org account) to gmail, receive the
following header:
---
Return-Path: <address@hidden>
Received: from fencepost.gnu.org (fencepost.gnu.org. [2001:4830:134:3::e])
by mx.google.com with ESMTPS id f10si11694303qka.76.2015.04.04.12.15.33
for <address@hidden>
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Sat, 04 Apr 2015 12:15:33 -0700 (PDT)
Received-SPF: pass (google.com: domain of address@hidden designates
2001:4830:134:3::e as permitted sender) client-ip=2001:4830:134:3::e;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of address@hidden designates
2001:4830:134:3::e as permitted sender) address@hidden
---
2. but emails sent from frontend.savannah.gnu.org (simulating a notification
from the savannah PHP code) to gmail receive the following header:
---
$ echo "hello from address@hidden" \
| sudo -u www-data mail -s testing-mail \
-a "From: Assaf Gordon <address@hidden>" \
address@hidden
---
Return-Path: <address@hidden>
Received: from frontend.savannah.gnu.org ([2001:4830:134:6::a])
by mx.google.com with ESMTPS id f34si31094qkh.7.2015.04.04.12.21.37
for <address@hidden>
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Sat, 04 Apr 2015 12:21:37 -0700 (PDT)
Received-SPF: none (google.com: address@hidden does not designate permitted
sender hosts) client-ip=2001:4830:134:6::a;
Authentication-Results: mx.google.com;
spf=none (google.com: address@hidden does not designate permitted sender
hosts) address@hidden
---
And it seems (if this is the right way to check) that the DNS TXT field from
gnu.org does not carry over to savannah.gnu.org
---
$ host -t txt gnu.org
gnu.org descriptive text "v=spf1 ip4:140.186.70.0/24 ip4:208.118.235.0/24
ip4:46.43.37.64/27 ip4:74.94.156.208/28 ip6:2001:4830:134::/48 ip6:2001:41c8:20:2d3::/64
a:nitzan.inter.net.il a:specnaz.aaso.pl ~all"
$ host -t txt savannah.gnu.org
savannah.gnu.org has no TXT record
---
Regards,
- Assaf
- [Savannah-hackers-public] improving spf (anti-spam) measures from outgoing emails from savannah,
Assaf Gordon <=