Add to Favourites Add to Favourites    Print this Article Print this Article

What do notifications from "spf filter" mean ?

Symptoms:
SPF spam filter is enabled in server-wide mail preferences {Home -> Mail Server Settings -> Switch on SPF spam protection}. The following notifications are shown in $PRODUCT_ROOT_D/var/log/maillog:

Feb 17 09:25:02 plesk spf filter[22147]: Starting spf filter...
Feb 17 09:25:02 plesk spf filter[22147]: remote IP address does not correct
Feb 17 09:25:02 plesk spf filter[22147]: Unable to get options for spf filter

or

Feb 17 09:23:58 plesk spf filter[22090]: Starting spf filter...
Feb 17 09:23:58 plesk spf filter[22090]: Error code: (2) Could not find a valid
SPF record
Feb 17 09:23:58 plesk spf filter[22090]: Failed to query guess rules: Could
not find a valid SPF record near 'a/24 mx/24 p'
Feb 17 09:23:58 plesk spf filter[22090]: Failed to query MAIL-FROM: No DNS data
for 'domain.tld'.

What do they mean?

Resolution:
The notification "Unable to get options for spf filter" is an error that is caused by an incorrect header of the sent message. It may be caused by missing SMTP command HELO/EHLO. The message is not checked by SPF.
If you see the error when sending email via telnet, verify that the message is formatted correctly. For example:

~# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 plesk90.plesk.tld ESMTP
HELO plesk90.plesk.tld
250 plesk90.plesk.tld
MAIL FROM: root@plesk90.plesk.tld
250 ok
RCPT TO: yourmail@domain.tld
250 ok
data
354 go ahead
Subject: Test message for SPF spam protection
From: root@plesk90.plesk.tld

This is a test message for SPF spam protection.

The notification "Could not find a valid SPF record near 'a/24 mx/24 p'" appears in case if an incorrect guess rule is configured in SPF. Verify that the rule starts with "v=spf1".
You may reconfigure the rule in Parallels Plesk Panel at {Home -> Mail Server Settings -> Switch on SPF spam protection -> SPF guess rules} or manually in file /etc/psa/spf/spfguess. For example:

~# cat /etc/psa/spf/spfguess
v=spf1 a/24 mx/24 ptr
~#

The notifications "Error code: (2) Could not find a valid SPF record" and "Failed to query MAIL-FROM: No DNS data for 'domain.tld'" occur in case if sending domain domain.tld does not have valid SPF record in DNS. In this case SPF local rules are not applied.

The message is processed according to "SPF checking mode" set in server-wide mail preferences {Home -> Mail Server Settings -> Switch on SPF spam protection -> SPF checking mode}.

To resolve the problem you should configure SPF records in DNS zone of the domain which sends mail (MAIL FROM).
Was this answer helpful?

Also Read