[Pymilter] Issue with spfmilter?

Stuart Gathman stuart at gathman.org
Fri Mar 9 09:08:06 EST 2018 

On 03/09/2018 08:51 AM, Harald Hannelius wrote:
>
> Thanks for the clarification. I was confused by thinking that 'a'
> corresponds to 'IN A' and that there would have to be an 'aaaa' also,
> corresponding to 'IN AAAA'.
>
> Funny enough, I'm running another milter 'spfmilter-2.001', and this
> one doesn't reject mail because of this. It doesn't log anything
> though, only "reject". 
The limit is RECOMMENDED, not MUSTard in RFC7208. 

You can add a policy override in /etc/mail/access for mdh.se:

SPF-PermError:mdh.se        OK

The more complex milter also has a DSN policy which sends a DSN
(MAILFROM <>) to the sender explaining the problem.  In the decade I've
been running python milter, however, not *once* has anyone except a mail
admin read a DSN from me or from anyone else.  Not once has an end user
ever forwarded a DSN to their mail admin.  In fact, I have never
encountered an end user who had any clue who their mail admin was. (or
actually, "What's a mail admin?")  So the only thing sending a DSN
accomplishes is verifying that the Return-Path works.  :-)

Here is the template for a PermError DSN:

To: %(sender)s
From: postmaster@%(receiver)s
Subject: Critical SPF configuration error
Auto-Submitted: auto-generated (configuration error)

This is an automatically generated Delivery Status Notification.

THIS IS A WARNING MESSAGE ONLY.

YOU DO *NOT* NEED TO RESEND YOUR MESSAGE.

Delivery to the following recipients has been delayed.

    %(rcpt)s

Subject: %(subject)s
Received-SPF: %(spf_result)s

Your spf record has a permanent error.  The error was:

    %(perm_error)s

We will reinterpret your record using "lax" processing heuristics
which may result in your mail being accepted anyway.  But you or your
mail administrator need to fix your SPF record as soon as possible.

We are sending you this message to alert you to the fact that
you have problems with your email configuration.

If you need further assistance, please do not hesitate to
contact me again.

Kind regards,

postmaster@%(receiver)s

More information about the Pymilter mailing list