secondary Mx and SPF

[BlackTC]

Hi!

I'm having an issue on the subject; following docs saying:

If you use a backup MX server (e.g. your ISP offers this service for you) you should always add those servers here.

I added ip address of a secondary mx server in Configuration-.> Mail Proxy -> Whitelist using option Ip Address (Sender).

but mail coming from that mx is checked against SPF and if emails are coming from a "-all" domains, are rejected.

is that correct?

thanks.

 

[Stoiko Ivanov]

but mail coming from that mx is checked against SPF and if emails are coming from a "-all" domains, are rejected.

the SPF check in Configuration-> Mail Proxy -> Options should not be used for whitelisted IPs. ...

please post the logs of such a mail - maybe we can find the cause of this...

 

[BlackTC]

Jul 7 09:43:55 mx1 postfix/smtpd[28770]: connect from <hostname>[x.x.x.x]
Jul 7 09:43:55 mx1 postfix/smtpd[28770]: NOQUEUE: reject: RCPT from <hostname>[x.x.x.x]: 554 5.7.1 <email_address>: Recipient address rejected: Rejected by SPF: x.x.x.x is not a designated mailserver for <email_sender> (context mfrom, on <proxmox_host>); from=<email_sender> to=<email_receiver> proto=ESMTP helo=<hostname>
Jul 7 09:43:55 mx1 postfix/smtpd[28770]: disconnect from <hostname>[x.x.x.x] ehlo=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=4/6

x.x.x.x <- ip address of backup mx server
<hostname> <- fqdn of backup mx server
<email_address> <- email sender
<email_receiver> <- email receiver ( ^_^ )
<proxmox_host> <- mx for domain of receiver with proxmox

thanks