AW: SPF reject von Outlook und Hotmail
Daniel
daniel at ist-immer-online.de
Sa Jun 25 23:02:28 CEST 2016
Hi,
langsam wird ganze kurios, bei einer Testmail grad kam direkt nen pass, also ok.
Blinke langsam auch nicht durch wieso einige pass sind, und andere SoftFail.
Wie schon erwähnt, Exchange User mit eigener Domain kommen auch an.
Header:
Return-Path: <X at outlook.de>
X-Original-To: X at ist-immer-online.de
Delivered-To: X at ist-immer-online.de
Received-SPF: pass (outlook.de: Sender is authorized to use 'X at outlook.de' in 'mfrom' identity (mechanism
'include:spf-a.hotmail.com' matched)) receiver=Server; identity=mailfrom; envelope-from="X at outlook.de";
helo=DUB004-OMC2S28.hotmail.com; client-ip=157.55.1.167
Authentication-Results: server.ist-immer-online.de; dmarc=none header.from=outlook.de
Received: from DUB004-OMC2S28.hotmail.com (dub004-omc2s28.hotmail.com [157.55.1.167])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(Client CN "*.outlook.com", Issuer "Microsoft IT SSL SHA2" (verified OK))
by server.ist-immer-online.de (Postfix) with ESMTPS id A6BB43316001
for <X at ist-immer-online.de>; Sat, 25 Jun 2016 22:48:39 +0200 (CEST)
Received: from DUB127-W42 ([157.55.1.138]) by DUB004-OMC2S28.hotmail.com over TLS secured channel with Microsoft
SMTPSVC(7.5.7601.23008);
Sat, 25 Jun 2016 13:48:38 -0700
X-TMN: [0/EK/HLgn/YEtYyhHxAw+QJDpOhjHZhE]
X-Originating-Email: [X at outlook.de]
Message-ID: <DUB127-W429F9894A9BEFB5E7F335EB02F0 at phx.gbl>
Return-Path: X at outlook.de
Log:
Jun 25 22:48:38 postfix/smtpd[15986]: connect from dub004-omc2s28.hotmail.com[157.55.1.167]
Jun 25 22:48:39 postfix/smtpd[15986]: Trusted TLS connection established from dub004-omc2s28.hotmail.com[157.55.1.167]: TLSv1.2 with
cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)
Jun 25 22:48:39 postfix/policy-spf[15994]: Policy action=PREPEND Received-SPF: pass (outlook.de: Sender is authorized to use
'X at outlook.de' in 'mfrom' identity (mechanism 'include:spf-a.hotmail.com' matched)) receiver=Server; identity=mailfrom;
envelope-from="X at outlook.de"; helo=DUB004-OMC2S28.hotmail.com; client-ip=157.55.1.167
Jun 25 22:48:40 postfix/policy-spf[15994]: Policy action=DUNNO
Jun 25 22:48:40 postfix/smtpd[15986]: A6BB43316001: client=dub004-omc2s28.hotmail.com[157.55.1.167]
Jun 25 22:48:40 postfix/cleanup[15999]: A6BB43316001: hold: header Received: from DUB004-OMC2S28.hotmail.com
(dub004-omc2s28.hotmail.com [157.55.1.167])??(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))??(Client CN
"*.outlook.com", Issuer "Microsoft from dub004-omc2s28.hotmail.com[157.55.1.167]; from=<X at outlook.de> to=<X at ist-immer-online.de>
proto=ESMTP helo=<DUB004-OMC2S28.hotmail.com>
Jun 25 22:48:40 postfix/cleanup[15999]: A6BB43316001: message-id=<DUB127-W429F9894A9BEFB5E7F335EB02F0 at phx.gbl>
Jun 25 22:48:40 opendmarc[20880]: implicit authentication service: server.ist-immer-online.de
Jun 25 22:48:40 opendmarc[20880]: A6BB43316001: outlook.de none
Jun 25 22:48:41 postfix/smtpd[15986]: disconnect from dub004-omc2s28.hotmail.com[157.55.1.167] ehlo=2 starttls=1 mail=1 rcpt=1
data=1 quit=1 commands=7
Jun 25 22:48:42 MailScanner[6649]: New Batch: Scanning 1 messages, 3007 bytes
Jun 25 22:48:42 MailScanner[6649]: Virus and Content Scanning: Starting
Jun 25 22:48:45 MailScanner[6649]: Requeue: A6BB43316001.A45C7 to A25573316003
Jun 25 22:48:45 postfix/qmgr[6600]: A25573316003: from=<X at outlook.de>, size=2017, nrcpt=1 (queue active)
Jun 25 22:48:45 MailScanner[6649]: Uninfected: Delivered 1 messages
Jun 25 22:48:45 MailScanner[6649]: Deleted 1 messages from processing-database
Jun 25 22:48:45 dovecot: lda(X): sieve: msgid=<DUB127-W429F9894A9BEFB5E7F335EB02F0 at phx.gbl>: stored mail into mailbox 'INBOX'
Jun 25 22:48:45 postfix/local[16040]: A25573316003: to=<X at ist-immer-online.de>, relay=local, delay=6.1, delays=5.8/0.02/0/0.25,
dsn=2.0.0, status=sent (delivered to command: /var/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT")
Jun 25 22:48:45 postfix/qmgr[6600]: A25573316003: removed
Anderer Header:
Return-Path: <account-security-noreply at account.microsoft.com>
X-Original-To: X at ist-immer-online.de
Delivered-To: X at ist-immer-online.de
Received-SPF: pass (account.microsoft.com: Sender is authorized to use 'account-security-noreply at account.microsoft.com' in 'mfrom'
identity (mechanism 'include:spf-a.hotmail.com' matched)) receiver=Server; identity=mailfrom;
envelope-from="account-security-noreply at account.microsoft.com"; helo=BAY004-OMC3S11.hotmail.com; client-ip=65.54.190.149
Authentication-Results: server.ist-immer-online.de; dmarc=pass header.from=account.microsoft.com
Received: from BAY004-OMC3S11.hotmail.com (bay004-omc3s11.hotmail.com [65.54.190.149])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(Client CN "*.outlook.com", Issuer "Microsoft IT SSL SHA2" (verified OK))
Gruß Daniel
-----Ursprüngliche Nachricht-----
Von: Postfixbuch-users [mailto:postfixbuch-users-bounces at listen.jpberlin.de] Im Auftrag von Daniel Gompf
Gesendet: Samstag, 25. Juni 2016 21:00
An: Diskussionen und Support rund um Postfix
Betreff: Re: SPF reject von Outlook und Hotmail
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hallo Daniel
Am 25.06.2016 um 14:06 schrieb Max Grobecker:
> Moin Daniel,
>
> kann ich nicht bestätigen - aber wenn man sich das Log ansieht
> läuft bei dir noch etwas anderes falsch:
>
>> hotmail.de discourages use of 25.152.2.56 as permitted sender)
>> from snt004-omc2s43.hotmail.com[65.54.61.94];
>> from=<X at hotmail.de>
>
> Wie kommt dein Postfix auf 25.152.2.56? Die *KANN* nicht bei dir am
> Server anklopfen. Die gehört zum britischen
> Verteidigungsministerium und für den gesamten Bereich 25.0.0.0/8
> existieren im Internet keine BGP-Routen:
>
> route-server>show ip bgp 25.152.2.56 % Network not in table
>
> Es *kann* einfach nicht aus dem Internet kommen ;-)
>
Ich hatte da noch was im Hinterkopf, du hast am 7.6. schon mal so eine
Frage gestellt, da dachte ich noch an einen falschen SPF-Record, aber
auch dort hattest du schon diese Log-Zeile
Jun 6 07:35:27 postfix/cleanup[7409]: 889A23316001: reject: header
received-spf: SoftFail (protection.outlook.com: domain of
transitioning? hotmail.de discourages use of 25.152.0.58 as permitted
sender) from col004-omc4s17.hotmail.com[65.55.34.219];
auch hier ist eine dieser IP-Adressen, zusätzlich irritiert mich das
"?", dort steht doch normalerweise die Absenderdomäne oder der Absender.
Kontrolliere als erstes das mit der IP nochmal.
Daniel
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQEcBAEBAgAGBQJXbtTMAAoJENuvw56q5FOi85MIAKG3h2S1lOJV2nWpiy/BEm7T
3IIo5pr197+Ppu9hLF++sW2O3BQrKz7+6NT9bpbp/QSiiAzw9bRAsJoG6OHgqnf/
lHG2ZJe+i6qmahoLTJxwKwtOvXIsf9B5yFvNwjjvAehXx5y9GZFLkj2Z7DwmpoUV
vNO99v3V4QpQcNOiPckQj/bbtZhxb6cW+PwtwzmkwEbk3E/F/ui4gFvhEOS2PEyK
7WC0YMbt4heqElZ0Qv4i0E5oCAbCFHlrzV+yj3vl2bvxxEzJbCTOcFlnzoT4wRCl
XbGxlpRgpAOYN/4FuZUdAwgmWb/kePtpV4InLRl6+CvaM+P+qQbd32AEKDJ1zOM=
=lNk4
-----END PGP SIGNATURE-----
Mehr Informationen über die Mailingliste Postfixbuch-users