具有 SPF 软失败的邮件不会被拒绝

具有 SPF 软失败的邮件不会被拒绝

我已经在我们的邮件服务器上设置了 postfix+SPF。这是我的 /etc/postfix-policyd-spf-python/policyd-spf.conf

debugLevel = 3
defaultSeedOnly = 1
HELO_reject = SPF_Not_Pass
Mail_From_reject = Fail
PermError_reject = False
TempError_Defer = False
Reject_Not_Pass_Domains = aol.com,hotmail.com, gmail.com, yahoo.com
skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1

reject_unverified_sender我已经为各种客户端和发件人域设置了使用check_client_accesscheck_sender_access

但是,我收到了以下未被拒绝的消息。(我已删除了发件人和收件人的地址。)

Sep 30 19:36:40 server2 policyd-spf[21248]: None; identity=helo; client-ip=202.212.75.207; helo=mail.saketoba.net; [email protected]; [email protected]
Sep 30 19:36:40 server2 policyd-spf[21248]: Softfail; identity=mailfrom; client-ip=202.212.75.207; helo=mail.saketoba.net; [email protected]; [email protected]
Sep 30 19:36:40 server2 policyd-spf[21248]: Action: prepend: Text: Received-SPF: Softfail (domain owner discourages use of this host) identity=mailfrom; client-ip=202.212.75.207; helo=mail.saketoba.net; [email protected]; [email protected]
Sep 30 19:36:40 server2 postfix/smtpd[20716]: NOQUEUE: reject: RCPT from st2383.nas811.p-tokyo.nttpc.ne.jp[202.212.75.207]: 450 4.1.7 <[email protected]>: Sender address rejected: unverified address: host gmail-smtp-in.l.google.com[74.125.200.27] said: 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail.saketoba.net>

根据我从手册页和在线帮助中了解到的情况,结果Softfailgmail.com它不鼓励在主机上使用客户端202.212.75.207。这是正确的吗?如果是这样,为什么不立即拒绝该消息?

谢谢。

答案1

我认为我找到了原因:行中的gmail.com和 之前的空格。删除空格后,我在使用 gmail.com 的 Softfail 时被拒绝。的页面没有提到这一点,但对于“SPF IP 白名单”()和“SPF 域白名单(),它提到逗号分隔的列表中不应有空格。yahoo.comReject_Not_Pass_Domainspolicyd-spf.confmanpolicyd-spf.confWhitelistDomain_Whitelist

相关内容