"ZeXtras ZxBackup Notification" emails classified as 'Junk' for SPF fail ...
Results 1 to 3 of 3

Thread: "ZeXtras ZxBackup Notification" emails classified as 'Junk' for SPF fail ...

  1. #1
    pgn
    pgn is offline
    Member
    Join Date
    Aug 2012
    Posts
    44

    "ZeXtras ZxBackup Notification" emails classified as 'Junk' for SPF fail ...

    I ZxBackup-migrated a Z7->Z8 server.

    On the Z8 server, nightly "ZeXtras ZxBackup Notification" emails are ending up in the "Junk" folder.

    Apparently, because of "SPF_HELO_FAIL=10",

    Code:
    	Return-Path: admin@mx.myhostname.com
    	Received: from mx.myhostname.com (LHLO mx.myhostname.com)
    	 (192.168.1.106) by mx.myhostname.com with LMTP; Tue, 23 Oct 2012
    	 04:13:13 -0700 (PDT)
    	Received: from localhost (localhost.localdomain [127.0.0.1])
    		by mx.myhostname.com (Postfix) with ESMTP id E2EC5100419
    		for <admin@mx.myhostname.com>; Tue, 23 Oct 2012 04:13:12 -0700 (PDT)
    	X-Virus-Scanned: amavisd-new at mx.myhostname.com
    	X-Spam-Flag: YES
    !!	X-Spam-Score: 10.24
    	X-Spam-Level: **********
    !!	X-Spam-Status: Yes, score=10.24 tagged_above=-10 required=6.6
    		tests=[ALL_TRUSTED=-1, BAYES_50=0.8, DKIM_ADSP_ALL=0.8,
    		RP_MATCHES_RCVD=-0.37, SPF_HELO_FAIL=10, T_FSL_HELO_NON_FQDN_2=0.01,
    		T_KHOP_HELO_AS_VICTIM=0.01, T_NOT_A_PERSON=-0.01,
    		T_RCD_RDNS_SERVER=-0.01, T_RP_MATCHES_RCVD=-0.01,
    		T_TO_EQ_FM_DIRECT_MX=0.01, T_UNKNOWN_ORIGIN=0.01] autolearn=no
    	Received: from mx.myhostname.com ([127.0.0.1])
    		by localhost (mx.myhostname.com [127.0.0.1]) (amavisd-new, port 10026)
    		with ESMTP id VBcdvTv-36BQ for <admin@mx.myhostname.com>;
    		Tue, 23 Oct 2012 04:13:06 -0700 (PDT)
    	Received: from mx.myhostname.com (mx.myhostname.com [10.0.0.1])
    		by mx.myhostname.com (Postfix) with ESMTP id AAB48100412
    		for <admin@mx.myhostname.com>; Tue, 23 Oct 2012 04:13:06 -0700 (PDT)
    	Date: Tue, 23 Oct 2012 04:13:06 -0700 (PDT)
    	From: ZeXtras <admin@mx.myhostname.com>
    	To: admin@mx.myhostname.com
    	Message-ID: <1855845251.1.1350990786426.JavaMail.root@mx.myhostname.com>
    	Subject: ZeXtras ZxBackup Notification, Smart Scan completed. From server
    	 mx.myhostname.com
    	MIME-Version: 1.0
    	Content-Type: text/plain; charset=utf8
    	Content-Transfer-Encoding: 7bit
    but at the Z8 console,


    Code:
    	dig TXT mx.myhostname.com +short
    		"v=spf1 a -all"
    	dig TXT myhostname.com +short
    		"v=spf1 a -all"
    It's *only* the Zextras notifications that are ending up in Junk -- all other mail seems to flow where it should.

    What setting do I need to set to 'pass' these ZeXtras notifications correctly, and NOT as Junk?

  2. #2
    ZeXtras Community Manager ZeXtras Employee Cine's Avatar
    Join Date
    Apr 2011
    Posts
    2,360
    Hi,

    in order to pass the ZeXtras Notifications you can add the sender address to the whitelist of your admin account (in the account preferences).

    I'm a bit confused about the causes of the issue, can you try to connect to your zimbra server's port 25 via telnet and send a test email using "mx.myhostname.com" as your helo and "admin@mx.hostname.com" as both the sender and recipient and see if the test mail goes into the Junk folder?

    Have a nice day,
    Cine

  3. #3
    pgn
    pgn is offline
    Member
    Join Date
    Aug 2012
    Posts
    44
    > can you try to connect to your zimbra server's port 25 via telnet and send a test email using
    > "mx.myhostname.com" as your helo and "admin@mx.hostname.com" as both the sender and recipient
    > and see if the test mail goes into the Junk folder?

    I found the source of the problem. In both Z7 & Z8 config, I'd added an IP-address obfuscating header check

    Code:
    	cat /opt/zimbra/conf/local_header_checks
    		/^Received:.*(from mx\.hostname\.com).*(\(mx\.hostname\.com).*(\[.*\])\)(.*)/
    		    REPLACE Received: $1 $2 [10.15.50.10]) $4
    where

    Code:
    	postconf | grep "^header_checks"
    		header_checks = pcre:/opt/zimbra/conf/local_header_checks
    adding

    Code:
    	/opt/zimbra/conf/salocal.cf.in
    		internal_networks  (...) 10.15.50.10/32
    		trusted_networks   (...) 10.15.50.10/32
    fixes the problem. Not required in Z7, but *is* required in Z8 for whatever reason.

    Now,

    Code:
    	telnet mx.hostname.com 25
    			Trying 192.168.1.106...
    			Connected to mx.hostname.com.
    			Escape character is '^]'.
    			220 mx.hostname.com ESMTP
    		HELO mx.hostname.com
    			250 mx.hostname.com
    		MAIL FROM: admin@mx.hostname.com
    			250 2.1.0 Ok
    		RCPT TO: admin@mx.hostname.com
    			250 2.1.5 Ok
    		DATA
    			354 End data with <CR><LF>.<CR><LF>
    		test 123 test 123
    		.
    			250 2.0.0 Ok: queued as D7366100402
    		^]
    		telnet> quit
    			Connection closed.
    returns source of received message:

    Code:
    	Return-Path: admin@mx.hostname.com
    	Received: from mx.hostname.com (LHLO mx.hostname.com)
    	 (192.168.1.106) by mx.hostname.com with LMTP; Tue, 23 Oct 2012
    	 09:40:40 -0700 (PDT)
    	Received: from localhost (localhost.localdomain [127.0.0.1])
    		by mx.hostname.com (Postfix) with ESMTP id 9B373100415
    		for <admin@mx.hostname.com>; Tue, 23 Oct 2012 09:40:40 -0700 (PDT)
    	X-Virus-Scanned: amavisd-new at mx.hostname.com
    	X-Spam-Flag: NO
    	X-Spam-Score: 5.76
    	X-Spam-Level: *****
    	X-Spam-Status: No, score=5.76 tagged_above=-10 required=6.6
    		tests=[ALL_TRUSTED=-1, BAYES_99=3.5, DKIM_ADSP_ALL=0.8,
    		MISSING_HEADERS=1.021, MISSING_SUBJECT=1.799, RP_MATCHES_RCVD=-0.37,
    		T_KHOP_NO_FULL_NAME=0.01, T_RP_MATCHES_RCVD=-0.01,
    		T_UNKNOWN_ORIGIN=0.01] autolearn=no
    	Received: from mx.hostname.com ([127.0.0.1])
    		by localhost (mx.hostname.com [127.0.0.1]) (amavisd-new, port 10026)
    		with ESMTP id u1qnz_tVnbxK for <admin@mx.hostname.com>;
    		Tue, 23 Oct 2012 09:40:31 -0700 (PDT)
    	Received: from mx.hostname.com (mx.hostname.com [10.15.50.10])
    		by mx.hostname.com (Postfix) with SMTP id D7366100402
    		for <admin@mx.hostname.com>; Tue, 23 Oct 2012 09:40:08 -0700 (PDT)
    	Message-Id: <20121023164019.D7366100402@mx.hostname.com>
    	Date: Tue, 23 Oct 2012 09:40:08 -0700 (PDT)
    	From: admin@mx.hostname.com
    
    	test 123 test 123
    I.e., no more SPF 'fail'.

    *Without* the addition to sa.local.cf.in, the 'telnet' test *DOES* cause the SPF 'fail' ... on Z8, not Z7.

    So, a false alarm -- NOT a ZeXtras-specific issue.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •