-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi folks, I've installed postfix-policyd-spf-python, and want to test incoming mail from a domain using spf, from a unauthorized machine. Everything I've been able to find on the web tells you how to do the opposite (test your DNS records). While I'll be getting to that, I want to make sure the incoming mail part works first before I move on. So, I was hoping someone could tell me how to test incoming mail first. When I connected to my machine from a remote box, I tried: helo www.example.com mail From:<someone at gmail.com> rcpt To:<greg at romuald.net.eu.org> and my server accepts the message. The spf check tags it as neutral. From what I understand, it should fail, since www.example.com isn't authorized to send mail for gmail, and I wasn't connecting to my server from gmail's outbound mail servers (no, I didn't spoof the ip address). Am I correct on this point, or is my knowledge of spf seriously messed up? I've seen a pass result in my mail.log for a domain with spf records, but I have yet to see a rejected message that wasn't sent where it should be sent from. In case my config is the problem, I'm pasting my policyd-spf.conf file below - --- cut here --- # For a fully commented sample config file see policyd-spf.conf.commented debugLevel = 1 defaultSeedOnly = 1 HELO_reject = SPF_Not_Pass Mail_From_reject = Fail PermError_reject = False TempError_Defer = True skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0//104,::1//128 - --- cut here --- Thanks in advance for any help. Greg - -- web site: http://www.romuald.net.eu.org gpg public key: http://www.romuald.net.eu.org/pubkey.asc skype: gregn1 (authorization required, add me to your contacts list first) - -- Free domains: http://www.eu.org/ or mail dns-manager at EU.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk2AbB8ACgkQ7s9z/XlyUyBtFACfS+Il8NwB+KcUbdRhP+ketVUj r/sAnRprdj8gT/9C4n0a3wRiaVqP64oX =iCSQ -----END PGP SIGNATURE-----
