"HELO_reject = SPF_Not_Pass" is a plain wrong default, see below "Mail_From_reject = Fail" is correct and the same value has to be default for "HELO_reject" because otherwise you reject legit mail - in that case it was a order confirmation http://www.openspf.org/Why?s=helo;id=mail.template-help.com;ip=69.65.10.164 The domain mail.template-help.com has declared using SPF that it does not send mail through mail.template-help.com (69.65.10.164). However, the domain is still testing its SPF policy, so the message !!! should not have been rejected !!!
Version 1.3.1 has this config: -------------- # For a fully commented sample config file see policyd-spf.conf.commented debugLevel = 1 defaultSeedOnly = 1 HELO_reject = SPF_Not_Pass Mail_From_reject = Fail PermError_reject = False TempError_Defer = False skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1 -------------- Which is the same as 1.2, as is used in Fedora. Maybe you need to ask upstream to change defaults?
i have fixed that for our servers in the config, it's wrong given the message from openspf.org saying "should not have been rejected" where the sender get the bounce and click on the link says "and why do they reject and link my to a page explaining they should not" you can ignore that report, fix it for future Fedora users and/or ask upstream the intention of the bugreport was to prevent future users from the complaint i got yesterday from by boss and he was right :-)
Anyway, I did build: https://admin.fedoraproject.org/updates/pypolicyd-spf-1.3.1-1.fc20 So, give it a try in any event.
pypolicyd-spf-1.3.1-2.el7 has been submitted as an update for Fedora EPEL 7. https://admin.fedoraproject.org/updates/pypolicyd-spf-1.3.1-2.el7
pypolicyd-spf-1.3.1-2.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/pypolicyd-spf-1.3.1-2.el6
pypolicyd-spf-1.3.1-2.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/pypolicyd-spf-1.3.1-2.fc21
pypolicyd-spf-1.3.1-2.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/pypolicyd-spf-1.3.1-2.fc19
pypolicyd-spf-1.3.1-2.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/pypolicyd-spf-1.3.1-2.fc20
Package pypolicyd-spf-1.3.1-2.el7: * should fix your issue, * was pushed to the Fedora EPEL 7 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=epel-testing pypolicyd-spf-1.3.1-2.el7' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-3033/pypolicyd-spf-1.3.1-2.el7 then log in and leave karma (feedback).
pypolicyd-spf-1.3.1-2.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
pypolicyd-spf-1.3.1-2.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
pypolicyd-spf-1.3.1-2.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
pypolicyd-spf-1.3.1-2.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
pypolicyd-spf-1.3.1-2.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.