Home » Kerio User Forums » Kerio Connect » Spf help (Strange results with spf)

Messages: 16
Karma: 0
Send a private message to this user
I finally got around to enabling SPF on my Kerio connect 7.4.2 the other day and noticed something, that I think, is strange. My security log is filling up with messages like this:

SPF check failed: The IP address '' is not in permitted set for sender 'marketing<_at_>mailings.erepublic.com' (FAIL)

To me this would mean erepublic.com is trying to use my domain name in sending me email. The corresponding email is below.

Return-Path: <marketing<_at_>mailings.erepublic.com>
X-Spam-Status: No, hits=0.0 required=5.0
tests=SPF: 0.00,AWL: 0.087,BAYES_00: -1.665,
HTML_MESSAGE: 0.001,TOTAL_SCORE: -1.577,autolearn=ham
Received: from mail01.mailings.erepublic.com ([])
by mail.teanecknj.gov (Kerio Connect 7.4.2)
for cmckearnin<_at_>teanecknj.gov;
Thu, 18 Apr 2013 08:49:46 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=governing.com; i=newsletters<_at_>governing.com; q=dns/txt;
s=dk1024-2012; t=1366289388; x=1397825388;

However, every e-mail I receive has my ipaddress next to the "from" field.

Return-Path: <njdevil61<_at_>aol.com>
X-Spam-Status: No, hits=0.0 required=5.0
tests=AWL: 0.000,BAYES_00: -1.665,HTML_MESSAGE: 0.001,
TOTAL_SCORE: -1.664,autolearn=ham
Received: from omr-d03.mx.aol.com ([])
by mail.teanecknj.gov (Kerio Connect 7.4.2)
for afisher<_at_>teanecknj.gov;
Thu, 18 Apr 2013 09:14:08 -0400
Received: from mtaomg-ma01.r1000.mx.aol.com (mtaomg-ma01.r1000.mx.aol.com [])
by omr-d03.mx.aol.com (Outbound Mail Relay) with ESMTP id 5E8E070007D03
for <afisher<_at_>teanecknj.gov>; Thu, 18 Apr 2013 09:14:09 -0400 (EDT)
Received: from core-mid004b.r1000.mail.aol.com (core-mid004.r1000.mail.aol.com [])
by mtaomg-ma01.r1000.mx.aol.com (OMAG/Core Interface) with ESMTP id 30F36E000081
for <afisher<_at_>teanecknj.gov>; Thu, 18 Apr 2013 09:14:09 -0400 (EDT)

My SPF txt record is: v=spf1 ip4: ~all. I have it set for logging right now and know I will have to set it for a hard fail later. Is this normal? or do I have something completely wrong?

[Updated on: Thu, 18 April 2013 15:57]

Pavel Dobry (Kerio)

Messages: 2057
Karma: 251
Send a private message to this user
It seems you have a source IP address translation configured on your firewall or there is some SMTP proxy. In such case SPF or DNS blacklists cannot be used because all emails from the whole internet seems to originate for your IP to the server.

Messages: 16
Karma: 0
Send a private message to this user
Thank you for confirming this. This was the conclusion I eventually came to as well. I wonder however if there isn't a way around this short of moving my mail server into a dmz? Not really a Kerio question, just thinking.
Previous Topic: Searching for attachments in Kerio
Next Topic: Searching Outlook!
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Nov 15 01:50:01 CET 2018

Total time taken to generate the page: 0.91996 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.