cancel
Showing results for 
Search instead for 
Did you mean: 
emjy
Level 7
Report Inappropriate Content
Message 1 of 4

error:450:SPF dns error ==> Connection dropped

I'm currently facing one issue receiving some messages from a specific domain. Sometimes, the delivery fails due to a 'SPF dns error' causing a dropping connection.

See below one example. Does someone know what is causing such issue ? Is the problem on my DNS or on the sender Internet DNS ?

My Ironmail is running 6.7.2 HF3

Thanks for your help !

Extract from my Event :

20110106:10:03:09|22893657642666|10249|Performing TS Lookup -|protocol <RBLDNS> query=<d.aZikcA1A9veZVHcUqkp1CFD4Km6rwcCZ6F1cI8VP2WLD96alUzvdB7PH6f9n.7FSGTfbyUB_zt3r-pajympfvLe69v-NwNM_q8cRmMxemY83HXxgGtp3vBtJE.aKmgdapbAgL5kxeKz-2PU1CYh3skaHV1ZfmKV2V2mabQ5eLnd4xExby2_eW5.JAdlesj8_EnQk0VeRGQlR3AkARKrH7dX9vWnXUCBzfGiCKTA>|

20110106:10:03:09|22893657642666|10250|TrustedSource Result - <status:lookup_ip:ipscore:score:dq_status:time> -|<0:199.49.1.56:0:-8:0:28658.000000>|

20110106:10:03:09|22893657642666|11014|User - GroupID info -|{'senderaddress@senderdomain': [1], 'recipientaddress@mydomain.com': [18L, 1], 'mydomain.com': [18L, 1], 'senderdomain': [1]}|

20110106:10:03:09|22893657642666|11015|Group ID - Name -|{1: 'global', 18L: 'MyLdap'}|

20110106:10:03:09|22893657642666|11023|Applied Policies, Applied Rules: <policies:rules> -|<[7197L]:[233508, 232417, 233545, 233878, 233677, 233514,

...

233626, 232827, 233377, 232666, 233788, 233801, 233041, 233391, 234133, 232606, 233043, 232987, 233404, 232323, 232327, 233420, 232624, 233431, 232319]>|

20110106:10:03:09|22893657642666|11022|Bypass rules triggered for the message - IDs: <msgid:ruleids> -|<133602168:[]>|

20110106:10:03:09|22893657642666|2306|DKIM Signature not present or invalid.||

20110106:10:13:40|22893657642666|9731|SenderID Result for PRA MTA Status Explanation: <pra:spfresult0:spfresult1:spfresult2> -|<senderaddress@senderdomain:error:450Smiley FrustratedPF dns error>|

20110106:10:13:40|22893657642666|6664|Message Details ID||FILENAME||FROMADDR||TOADDR|VIPID <msgid:filename:fromaddr:toaddr:vip> -|<133602168:/ct/data/mss/00/13/36/02/168:senderaddress@senderdomain:['recipientaddress@mydomain.com']:0>|

20110106:10:13:40|22893657642666|6665|Created new Message ID and File <msgid:file> -|<133602168:/ct/data/mss/00/13/36/02/168>|

20110106:10:13:40|22893657642666|9308|Message information <Source IPSmiley Tongueort:Message ID>|199.49.1.56:55054:133602168|

20110106:10:13:40|22893657642666|9313|Unable to communicate with client to confirm delivery, message rolled back||

20110106:10:13:40|22893657642666|9312|Socket communication failed with client. Connection dropped||

20110106:10:13:40|22893657642666|9234|Processing completed.||

[McAfee]:

3 Replies
ijahnke
Level 11
Report Inappropriate Content
Message 2 of 4

Re: error:450:SPF dns error ==> Connection dropped

It looks like there was a network timeout because the message failed after 10 minutes (the default timeout). First check and make sure that if the sender has multiple mx records that all of them resolve and none timeout. If the ironmail is set to do reverse mx lookups it will check all mx records listed for a domain to verify the authenticity of the domain.

so if domain A is sending to you with three different mx records and one does not resolve it would look something like this:

dig mx a.com

20 1.a.com.

30 2.a.com.

10 a.com.

dig a.com

192.168.0.20

dig 2.a.com

192.168.0.21

dig 1.a.com

;; connection timed out; no servers could be reached

Normally you should get a response back that the domain doesnt exist, but in this case the domain doesnt resolve to any ip address. The ironmail will eventually timeout attemtping to resolve 1.a.com because it never recieves an answer back from its DNS servers. Under normal circumstances it should recieve a SRVFAIL response.

Re: error:450:SPF dns error ==> Connection dropped

Where do you check on the Ironmails to see if it is configured for Reverse Lookups?

ijahnke
Level 11
Report Inappropriate Content
Message 4 of 4

Re: error:450:SPF dns error ==> Connection dropped

Anti-Spam -> Anti-Spam Advanced -> Reverse DNS

Also check

Anti-Spam -> SpamProfiler -> Configure (there is a setting for reverse dns here also)