I have two ASL systems. One at home and one at work.
My home system at YYYYYY.com below has an SPF record in the DNS.
My work system at XXXXXXX.com below has an MX priority 10 record. Our ISP provides a backup mailserver at ZZZZZZZ.net below at priority 20 in case the local circuit goes down. This then relays to the MX 10 when the circuit is re-established.
What I have found is that some relays (ASL being one of them) will immediately send mail to the next level, 20 in this case, when they get a temporary reject due to greylisting. I don't know if this is RFC legal or not, but in any event it causes problems with SPF.
The two exim log records below show the first delivery attempt from my home to work system along with the greylist temporary reject. Two seconds later my backup MX try's to send the same mail and gets a permanent reject as its not allowed to send mail for YYYYYY.com as per my SPF record.
2004:12:04-13:04:20 (none) exim[18693]: 2004-12-04 13:04:20 H=adsl-99-999-99-999.dsl.xxxxxx.xxxxxxx.net (mail.YYYYYY.com) [99.999.99.999] F= temporarily rejected RCPT : Please try again
2004:12:04-13:04:22 (none) exim[18694]: 2004-12-04 13:04:22 H=front2.mail.ZZZZZZZ.net (fe.mail.ZZZZZZZ.net) [88.88.88.88] F= rejected RCPT : 88.88.88.88 is not allowed to send mail from this address or use this HELO string
Is a problem with my setup or is it a limitation of having SPF and greylisting activated together?
Trench
This thread was automatically locked due to age.
