Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Unexpected SPF config bounced mail from my gateway

Discussion in 'E-mail Discussion' started by dolphyn, Dec 30, 2009.

  1. dolphyn

    dolphyn Well-Known Member

    Joined:
    Nov 27, 2001
    Messages:
    64
    Likes Received:
    0
    Trophy Points:
    306
    cPanel Access Level:
    Root Administrator
    Warning to anyone who uses an external anti-spam gateway:

    An SPF-related setting was added to my exim.conf on December 27 which improperly caused some mail from my gateway to be bounced until I learned of the problem today.

    My gateway is whitelisted, but apparently the new SPF-related setting does NOT respect the whitelists.

    Some mail relayed through my gateway was rejected with the error:
    SPF: [gateway IP] is not allowed to send mail from [domain]

    My CPanel Update configuration is
    cPanel/WHM Updates: Manual Updates Only (STABLE tree)
    cPanel Package Updates: Manual Updates Only
    Security Package Updates: Automatic

    Needless to say, it's kind of upsetting to have my Exim configuration updated (and broken) without any notification. Should I have been notified about this, and if so, how? Thanks.
     
    #1 dolphyn, Dec 30, 2009
  2. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,554
    Likes Received:
    9
    Trophy Points:
    168
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    The rejected e-mail issue is caused by the sender's domain name having a misconfigured SPF record as defined in the applicable DNS zone. If the custom mail gateway should be allowed to send mail then the DNS zones should be updated to correct the SPF records for the domain names involved.

    SPF records may be enabled, disabled, and modified via the following area in cPanel:
    cPanel: Main >> Mail >> E-mail Authentication
    Documentation: Email Authentication
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 cPanelDon, Dec 30, 2009
  3. dolphyn

    dolphyn Well-Known Member

    Joined:
    Nov 27, 2001
    Messages:
    64
    Likes Received:
    0
    Trophy Points:
    306
    cPanel Access Level:
    Root Administrator
    No, we cannot "correct" the SPF records of external domains that send mail to us, and we wouldn't expect external domains to know about our gateway when configuring their SPF records.

    All of our incoming mail passes through our gateway on the way to the CPanel server, and the CPanel update caused our CPanel server to reject mail from our own gateway. I didn't know about the problem until customers complained about missing mail.

    We've fixed the issue for now, but I'm still trying to understand how it is that an automatic update changed our Exim configuration when we have the automatic updates turned off. Thanks!
     
    #3 dolphyn, Dec 31, 2009
  4. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,554
    Likes Received:
    9
    Trophy Points:
    168
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    I apologize as I believe I may have misunderstood the specific scenario involved. Please note there have not been any very recent updates to the STABLE build tree and the last one was on August 25 of 2009.

    What is the indication that the setting was added automatically by cPanel/WHM?

    Was an update performed of cPanel, Exim, or any related software interacting with Exim (e.g., ClamAVconnector plug-in or related third-party software)?

    Was the Exim Configuration Editor accessed before or around the time the issue was noticed? I would check the cPanel access_log to obtain additional details:
    Code:
    /usr/local/cpanel/logs/access_log
    Here is a command to help locate relevant access_log entries for the Exim Configuration Editor:
    Code:
    # egrep "saveexim.*HTTP" /usr/local/cpanel/logs/access_log
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 cPanelDon, Dec 31, 2009
  5. dolphyn

    dolphyn Well-Known Member

    Joined:
    Nov 27, 2001
    Messages:
    64
    Likes Received:
    0
    Trophy Points:
    306
    cPanel Access Level:
    Root Administrator
    Hi Don,

    Thanks for calling my attention to the CPanel access logs. That solves part of the mystery; my helper intended to enable the SPF setting on his separate server but he accidentally made the change on my server instead. :eek:

    But, I think there is still a CPanel issue, because both the host name and the IP of my incoming gateway are listed in /etc/trustedmailhosts, which (by my reckoning) should override the SPF blacklist setting.

    Thanks, and sorry for the tone of my earlier post. I was feeling a bit grumpy, didn't explain the situation very well, and I blamed the CPanel update because I didn't think we had touched the settings.

    Happy New Year!
     
    #5 dolphyn, Dec 31, 2009
    Last edited: Dec 31, 2009
  6. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,554
    Likes Received:
    9
    Trophy Points:
    168
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    You're welcome. When possible, please let us know the full cPanel version number (i.e., to confirm the full version of the installed STABLE build). I believe the issue might have been fixed in cPanel version 11.24.4 where the build number is at least "33362" or higher. If the symptom persists while using the latest version (per http://httpupdate.cpanel.net/#builds) I would consider submitting a support request so that we may assist with investigation. If submitting a support request, when available, please let me know the ticket ID number (e.g, via a PM) so I may follow-up internally.

    Reference internal case ID number: #7898

    P.S., Enjoy the new year and have a most excellent and relaxing holiday weekend! :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #6 cPanelDon, Dec 31, 2009
(You must log in or sign up to post here.)
Loading...
Similar Threads - Unexpected config bounced
  1. leonep

    unexpected /bin/su permission changed

    leonep, Jul 13, 2018, in forum: Security
    Replies:
    7
    Views:
    160
    cPanelLauren
    Jul 13, 2018
  2. Tagir Gumerov

    Unexpected return value of get_transfer_session_state

    Tagir Gumerov, Mar 28, 2018, in forum: cPanel Developers
    Replies:
    5
    Views:
    259
    cPanelMichael
    Apr 13, 2018
  3. abdelhost77

    Unexpected condition from IMAP server

    abdelhost77, Jan 8, 2018, in forum: E-mail Discussion
    Replies:
    5
    Views:
    1,893
    Infopro
    Jan 8, 2018
  4. mahdy_sharifi

    Unexpected condition from IMAP server

    mahdy_sharifi, Oct 9, 2017, in forum: E-mail Discussion
    Replies:
    1
    Views:
    1,608
    cPanelMichael
    Oct 10, 2017
  5. Rehan_1990

    SOLVED Webmail Unexpected condition from IMAP server

    Rehan_1990, Sep 25, 2017, in forum: E-mail Discussion
    Replies:
    6
    Views:
    2,008
    Rehan_1990
    Oct 10, 2017

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice