Topic: SPF Check not working for incoming mail
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.6.2
- Linux/BSD distribution name and version: Rocky Linux 8
- Manage mail accounts with iRedAdmin-Pro? No
I am having a problem with SPF checks and Spamassassin tagging on incoming E-mails. Here is an example of the tagging:
X-Spam-Status: No, score=2.614 tagged_above=-999 required=2.9 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_IMAGE_ONLY_32=2.2, HTML_IMAGE_RATIO_02=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.25, SPF_NONE=0.35, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001]
As you can see SPF_NONE and SPF_HELO_NONE is set which according to the manual means that no SPF or SPF_HELO record has been found on the domain. The issue is that every incoming E-Mail is getting this tag, even if they come from e.g. gmail.com which has a valid SPF record so I should get a SPF_PASS in the header. Even when I am trying to forge the sender myself I get a SPF_NONE instead of the required SPF_FAIL.
Unfortunately I don't know where to start looking for a possible configuration error since SPAM tagging and everything else is working without issues. The non-working SPF checks is the only issue I have with the mail server.
----Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.