Hi All,
I'm setting SPF filtering for the first time, and I noticed that I'm not getting any hits with my filters even though when I read through the mail logs, I should be. Can someone point out the error of my ways? I'm currently setup for SIDF Compatible.
Here is the content filter I have setup, just for testing.
SPFSoftfailQuarantine: if (spf-status == "softfail") { duplicate-quarantine ("SPF Softfail"); }
SPFFailQuarantine: if (spf-status == "fail") { duplicate-quarantine ("SPF Fail"); }
Just very basic monitoring for now. And the mail logs shows me this:
Tue Dec 2 22:33:50 2008 Info: MID 1072697 SPF: helo identity postmaster@463FA4D1AD484B9 None
Tue Dec 2 22:33:51 2008 Info: MID 1072697 SPF: mailfrom identity xxx@us.army.mil SoftFail (v=spf1)
Tue Dec 2 22:33:52 2008 Info: MID 1072697 SPF: pra identity xxx@us.army.mil None headers from
Wed Dec 3 01:12:07 2008 Info: MID 1072902 SPF: helo identity postmaster@bigdog.icorporation.local None
Wed Dec 3 01:12:07 2008 Info: MID 1072902 SPF: mailfrom identity xxx@bol.com.br Fail (v=spf1)
Wed Dec 3 01:12:07 2008 Info: MID 1072902 SPF: pra identity xxx@bol.com.br None headers from
Wed Dec 3 02:27:46 2008 Info: MID 1073026 using engine: SPF Verdict Cache using cached verdict
Wed Dec 3 02:27:46 2008 Info: MID 1073026 SPF: helo identity postmaster@ctb-mesg-1-1.saix.net None
Wed Dec 3 02:27:47 2008 Info: MID 1073026 SPF: mailfrom identity xxx@aluvin.co.za Fail (v=spf1)
Wed Dec 3 02:27:48 2008 Info: MID 1073026 SPF: pra identity xxx@aluvin.co.za None headers from
Quarantines shows empty, even though the mail isn't being dropped. Suggestions?
