Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Creating a policy for SPF TempError and PermError

    • Updated:
    • 17 Jun 2021
    • Product/Version:
    • Interscan Messaging Security Virtual Appliance All
    • Platform:
    • N/A
Summary

Emails are being rejected by InterScan Messaging Security Virtual Appliance (IMSVA) because the SPF check test returned "permerror" due to inconsistency of information on the SPF records of the domain. The current action of Postfix on IMSVA server is to reject mails when SPF result is "temperror" or "permerror".

temperror

Details
Public

Below are the actions on SPF test results:

  • Bypass - Postfix will not reject the email. It will add the header Received-SPF: PermError, TempError, Softfail, Pass…
  • Tempblock - Postfix rejects the email with 4xx error code. The 4xx error code is designed to instruct the sending server to try again at a later time to deliver its email.
  • Block - Postfix rejects the email with 5xx error. The 5xx SMTP errors indicate that an email could not be delivered due to a permanent problem. You should not retry sending email flagged with a 5xx error.

To resolve the issue, create a policy for "temperror" and "permerror". Below is the procedure how to create a policy to quarantine or tag SPF checking failed emails.

  1. Open the file /opt/trend/imss/postfix/etc/postfix/SPFPolicyd/config.ini.

    vi config.ini

  2. Change the action for temperror/permerror to bypass:

    [globals]
    temperror=bypass
    permerror=bypass

     
    When the action is set to bypass, Postfix will not reject the mail and instead, it will insert SPF checking result in the mail header. Therefore, we can create a policy to catch the failed mail.
  3. On the IMSVA console, create a policy.
    1. Create a policy on Policy > Policy List.
    2. On Scanning Conditions, tick the Header keyword expression checkbox.

    3. Create TempError keyword.

    4. Create PermError keyword.

    5. Follow the policy creation wizard and set the preferred action (e.g. Tag subject or Quarantine).
  4. Configure the smtpd_policy_service_timeout to "600".
    1. Open the main.cf file.

      vi main.cf

    2. Add the value of smtpd_policy_service_timeout at the bottom of the file.

      smtpd_policy_service_timeout=600s

    3. Reload the Postfix.

      service postfix reload

Premium
Internal
Partner
Rating:
Category:
Configure
Solution Id:
000282755
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.