Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SPF implementation

Discussion in 'E-mail Discussion' started by bpmod, Feb 28, 2008.

  1. bpmod

    bpmod Well-Known Member

    Joined:
    Sep 23, 2004
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    156
    Hello all

    I haven't really been able to get any info as to how to implement SPF for incoming mail. There is plenty of info as to how to set up your domain with an SPF record so that anybody using SPF for filtering will allow mail through from your domain.

    My provider (I have a dedicated server running WHM/cPanel) tells me that cPanel's version of Exim does not support SPF checking, but openspf.org says that Exim provides "native support" for SPF.

    I am tired of getting hundreds of spam emails that purport to be from myself. All of my clients are complaining about the same thing. The non-tech-savvy ones believe that somebody has hacked into their email accounts and is sending spam out using them.

    What steps should I go through to get SPF checking working fully on my server?

    Thanks

    Brian
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,517
    Likes Received:
    425
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You should check what those accounts have unrouted mail set for in your cPanel. Should be:
    Current Setting: :fail: no such address here

    As for SPF, Look for a new icon in cPanel called Email authentication. A few clicks and its done. This is working as expected so far here with no complaints from users who have set it.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. bpmod

    bpmod Well-Known Member

    Joined:
    Sep 23, 2004
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    156
    Hello?

    Is this thing on?
     
  4. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,216
    Likes Received:
    10
    Trophy Points:
    313
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Can you be more specific? Do you think your server is not properly analyzing SPF records before accepting mail?
     
  5. bpmod

    bpmod Well-Known Member

    Joined:
    Sep 23, 2004
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    156
    I am sorry. I thought I had been very specific.

    There is no checking of SPF on any incoming mail (except a cursory check by SpamAssassin which has no effect whatsoever) on the server. I have not been able to find anything at all on openspf's website, exim's website or cPanel's website as to how to set up this checking. Everything I have read (including what is available under "email authentication" in cPanel) is for publishing SPF records, which I have done.

    Is this more clear?

    Thanks

    Brian
     
  6. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,565
    Likes Received:
    43
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    We don't have full support for SPF lookups on incoming mail. Support for that is currently in beta-testing.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. katmai

    katmai Well-Known Member

    Joined:
    Mar 13, 2006
    Messages:
    533
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Brno, Czech Republic
    just the kind of news i was looking for :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. krisdv

    krisdv Well-Known Member

    Joined:
    Jun 18, 2003
    Messages:
    175
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Belgium
    Is this still in beta-testing or is there already a way to enable this server wide?
     
  9. wemail

    wemail Well-Known Member

    Joined:
    Nov 28, 2006
    Messages:
    55
    Likes Received:
    1
    Trophy Points:
    158
    Location:
    GB
    cPanel Access Level:
    Root Administrator
    I use a shared hosting system on cPanel version 11.18.6-RELEASE, and it appears to have the SPF & DomainKeys options available - though it does give what another thread described as incorrect error messages.

    Can you give us any idea of when the support will be in the RELEASE version, as I have many users with SPAM problems.

    TIA
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. bpmod

    bpmod Well-Known Member

    Joined:
    Sep 23, 2004
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    156
    Any word as to when we can expect to see this?

    Thanks

    Brian
     
  11. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,565
    Likes Received:
    43
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    The Exim 4.69-5 RPM supports SPF and DomainKeys checks on incoming mail at SMTP time. This RPM is in EDGE at this time, but will make it's way to the other branches barring issues.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. wemail

    wemail Well-Known Member

    Joined:
    Nov 28, 2006
    Messages:
    55
    Likes Received:
    1
    Trophy Points:
    158
    Location:
    GB
    cPanel Access Level:
    Root Administrator
    We would be reluctant to activate SPF checking unless SRS is also available, as SPF alone will "break" forwarding, which is an essential part of our site.

    When SPF is fully available, will SRS be ready to activate too?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,565
    Likes Received:
    43
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator

    SRS functionality is present in the Exim 4.69-5 RPM but is unsupported by cPanel. You will need to perform all the configuration manually.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. wemail

    wemail Well-Known Member

    Joined:
    Nov 28, 2006
    Messages:
    55
    Likes Received:
    1
    Trophy Points:
    158
    Location:
    GB
    cPanel Access Level:
    Root Administrator
    Can you please supply any link to appropriate configuration guidance?

    The auto-update upgraded us to cPanel 11.23.1-R24893 just now. This has Exim 4.68-1 and the config options offer "Blacklist: SPF Checking (Reject mail at SMTP time if the sender fails SPF checks)".

    Does your above reply mean that we still have to wait for 4.69-5 to be able to use SPF+SRS?

    Thanks
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,565
    Likes Received:
    43
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    This might be a way to start:

    http://wiki.exim.org/SRS


    The Exim 4.69-5 RPM is in EDGE and CURRENT. Once it is pushed to RELEASE, then your will have functionality for both SRS and SPF in the Exim binary.

    If you tick the SPF checkbox w/o having that version of Exim, then SpamAssassin is used to perform the lookup.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  16. wemail

    wemail Well-Known Member

    Joined:
    Nov 28, 2006
    Messages:
    55
    Likes Received:
    1
    Trophy Points:
    158
    Location:
    GB
    cPanel Access Level:
    Root Administrator
    Very many thanks. This is most helpful.

    Aidan
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...
Similar Threads - implementation
  1. CanadaGuy
    Replies:
    2
    Views:
    112
  2. ottdev
    Replies:
    2
    Views:
    231

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice