Plesk & SocialBee have teamed up. Save 30% now!

Get the Deal

Knowledge Base

Incoming messages are rejected by SPF while using an anti-spam server: REJECT during call ‘spf’ handler

 
anti spamdkimdmarchttpsip

Symptoms

  • Domain example.com is configured to receive messages through an anti-spam server (local one or an external one, e.g. SpamExperts solution)

  • Some messages are rejected because of the SPF filter as shown in /var/log/maillog:

    May 9 06:17:35 mail-01 /usr/lib64/plesk-9.0/psa-pc-remote[23076]: handlers_stderr: REJECT
    May 9 06:17:35 mail-01 /usr/lib64/plesk-9.0/psa-pc-remote[23076]: REJECT during call 'spf' handler
    May 9 06:17:35 mail-01 postfix/cleanup[8479]: 237388036910C: milter-reject: END-OF-MESSAGE from filter.antispamserver.tld[203.0.113.2]: 5.7.1 Command rejected; from=[email protected] to=[email protected] proto=ESMTP helo=<filter.antispamserver.tld>

    Mar 30 10:05:25 web101 postfix/smtpd[31935]: disconnect from filter.antispamserver.tld[203.0.113.2] ehlo=2 starttls=1 mail=1 rcpt=1 bdat=3 quit=1 commands=9
    Mar 30 10:05:25 web101 dk_check[5484]: Starting the dk_check filter...
    Mar 30 10:05:25 web101 dk_check[5484]: DKIM verification (d=sender.tld, 1024-bit key) succeeded
    Mar 30 10:05:25 web101 postfix-local[5483]: PASS during call 'dd52-domainkeys' handler
    Mar 30 10:05:25 web101 dmarc[5485]: Starting the dmarc filter...
    Mar 30 10:05:25 web101 dmarc[5485]: Store DKIM result for 'sender.tld' into DMARC library.
    Mar 30 10:05:25 web101 dmarc[5485]: DMARC: smtpdomain=sender.tld maildomain=sender.tld [email protected] stamp=1617091525 ip=2 adkim=relaxed aspf=relaxed p=REJECT sp=NONE pct=100 align_dkim=fail align_spf=fail spfres=fail dkimres=pass dmarccheck=DMARC_POLICY_REJECT dmarcstatus=STOP
    Mar 30 10:05:25 web101 dmarc[5485]: DMARC: REJECT message for [email protected]

Cause

Incoming message goes through the anti-spam server. Because of this, the sender's IP changes and now it does not match the sender's domain SPF record.

Resolution

Configure SPF local rules in Tools & Settings > Mail Server Settings > SPF local rules. The exact set of rules will vary depending on a specific configuration:

Note: the examples below use placeholders. Make sure to replace them with actual values from the real environment

Local server

Use either of the following rules:

  • ip4:203.0.113.2
  • a:hostname.example.com

Where 203.0.113.2 is the server's IP address, and hostname.example.com is the server's hostname.

SpamExperts solution

Use the following rule: include:spf.antispamcloud.com

Refer to SpamExperts documentation for additional details: https://documentation.n-able.com/spamexperts/userguide/Content/B_Admin%20Level/outgoing-filtering/setting-up-spf.htm 

Other external filtering server

Contact the service's support team to clarify the exact SPF local rules. Generally, the following rules are used:

  • ip4:<remote filter's IP address>
  • a:<remote filter's hostname>
  • include:<remote filter's hostname>
Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

Follow us:

Facebook Twitter Linkedin Youtube Github

© 2024 WebPros International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of WebPros International GmbH.

Managed with love with Plesk WP Toolkit