SPF Verification

[yarr2]

Hello,

We are using cPanel on VPS. SpamAssassin is not running on the server and it looks like Exim is ignoring SPF fails.
How I can make sure that SPF checks are enable in Exim and working properly?

 

[cPanelMichael]

Hello,

SPF verification for incoming email is handled exclusively via SpamAssassin as of cPanel version 58. You can turn SpamAssassin on globally via the following option under the "Apache SpamAssassion Options" tab in "WHM >> Exim Configuration Manager >> Basic Editor":

Apache SpamAssassin™: Forced Global ON

Thank you.

 

[yarr2]

Hello,

But I'm not sure that it's the best option to run SpamAssassin for small VPS, which is handling 1 site and 1 email account, and all messages are redirected to several another ones. There is no any need to analyze something. How we can just reject messages which with failed SPF? Or it would be better to look for another solution?

Thank you

 

[cPanelMichael]

Hello,

Here are some instructions from a recent support ticket that will allow you to enable this option without SpamAssassin:

For reference, as a temporary fix here is an ACL that can be added in the Exim Configuration Manager >> Advanced Editor:

========================================
# BEGIN INSERT spf_bl

deny message = SPF: $sender_host_address is not allowed to send mail from $sender_address_domain
spf = fail


# END INSERT spf_bl
========================================

Search for the "custom_begin_mailauth" ACL, and place the above text in the box.

Thank you.