I've been playing around with implementing SPF on my personal server using
pypolicyd-spf. The actual SPF checking is working fine, however it's not
prepending the Received-SPF header to any the messages and I'm at a loss to
work out why - I've spent hours playing with various configuration options
:(
Can anyone help? Some examples are below. Host is Fedora 12 running postfix
version 2.6.5.
Thanks,
Luke
-----
policyd-spf.conf:
-----
debugLevel = 4
#defaultSeedOnly = 1
defaultSeedOnly = 0
HELO_reject = SPF_Not_Pass
Mail_From_reject = Fail
PermError_reject = False
TempError_Defer = False
skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0//104,::1//128
-----
Example logs:
-----
Nov 26 20:28:00 medusa postfix/smtpd[15353]: connect from
ironport1-mx.cbr1.mail-filtering.com.au[203.88.115.241]
Nov 26 20:28:00 medusa postgrey[13302]: action=pass, reason=triplet found,
client_name=ironport1-mx.cbr1.mail-filtering.com.au,
client_address=203.88.115.241, sender=admin [ at ] testerdomain.com,
recipient=luke [ at ] mydomain.com Nov 26 20:28:00 medusa
policyd-spf[15361]: Starting Nov 26 20:28:00 medusa policyd-spf[15361]: Read
line: "request=smtpd_access_policy"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "protocol_state=RCPT"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "protocol_name=ESMTP"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line:
"client_address=203.88.115.241"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line:
"client_name=ironport1-mx.cbr1.mail-filtering.com.au"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line:
"reverse_client_name=ironport1-mx.cbr1.mail-filtering.com.au"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line:
"helo_name=ironport1-mx.cbr1.mail-filtering.com.au"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "sender=admin [ at ]
testerdomain.com"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "recipient=luke [ at ]
mydomain.com"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "recipient_count=0"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "queue_id="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line:
"instance=3bf9.4cef8bb0.5fe44.0"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "size=2861"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "etrn_domain="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "stress="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "sasl_method="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "sasl_username="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "sasl_sender="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "ccert_subject="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "ccert_issuer="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "ccert_fingerprint="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "encryption_protocol="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "encryption_cipher="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "encryption_keysize=0"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: ""
Nov 26 20:28:00 medusa policyd-spf[15361]: Found the end of entry Nov 26
20:28:00 medusa policyd-spf[15361]: Config: {'Mail_From_reject': 'Fail',
'PermError_reject': 'False', 'HELO_reject': 'SPF_Not_Pass',
'defaultSeedOnly': 0, 'debugLevel': 4, 'skip_addresses':
'127.0.0.0/8,::ffff:127.0.0.0//104,::1//128', 'TempError_Defer': 'False'}
Nov 26 20:28:00 medusa policyd-spf[15361]: Cached data for this instance: []
Nov 26 20:28:00 medusa policyd-spf[15361]: spfcheck: pyspf result: "['None',
'', 'helo']"
Nov 26 20:28:00 medusa policyd-spf[15361]: None; identity=helo;
client-ip=203.88.115.241; helo=ironport1-mx.cbr1.mail-filtering.com.au;
envelope-from=admin [ at ] testerdomain.com; receiver=luke [ at ]
mydomain.com Nov 26 20:28:00 medusa policyd-spf[15361]: spfcheck: pyspf
result: "['None', '', 'mailfrom']"
Nov 26 20:28:00 medusa policyd-spf[15361]: None; identity=mailfrom;
client-ip=203.88.115.241; helo=ironport1-mx.cbr1.mail-filtering.com.au;
envelope-from=admin [ at ] testerdomain.com; receiver=luke [ at ]
mydomain.com Nov 26 20:28:00 medusa postfix/smtpd[15353]: E59228080:
client=ironport1-mx.cbr1.mail-filtering.com.au[203.88.115.241]
Nov 26 20:28:01 medusa postfix/cleanup[15364]: E59228080:
message-id=<003001cb8d54$9256c340$b70449c0$ [ at ] net.au> Nov 26 20:28:01
medusa postfix/qmgr[15295]: E59228080: from=<admin [ at ] testerdomain.com>,
size=3296, nrcpt=1 (queue active) Nov 26 20:28:01 medusa dovecot:
deliver(luke [ at ] mydomain.com): msgid=<003001cb8d54$9256c340$b70449c0$ [
at ] net.au>: saved mail to INBOX Nov 26 20:28:01 medusa
postfix/pipe[15366]: E59228080: to=<luke [ at ] mydomain.com>,
relay=dovecot, delay=0.89, delays=0.88/0.01/0/0.01, dsn=2.0.0, status=sent
(delivered via dovecot service) Nov 26 20:28:01 medusa postfix/qmgr[15295]:
E59228080: removed Nov 26 20:28:06 medusa postfix/smtpd[15353]: disconnect
from ironport1-mx.cbr1.mail-filtering.com.au[203.88.115.241]
-----
Actual headers from the message above:
-----
Return-Path: <admin [ at ] testerdomain.com>
Delivered-To: luke [ at ] mydomain.com
Received: from ironport1-mx.cbr1.mail-filtering.com.au
(ironport1-mx.cbr1.mail-filtering.com.au [203.88.115.241])
by medusa.mydomain.com (Postfix) with ESMTP id E59228080
for <luke [ at ] mydomain.com>; Fri, 26 Nov 2010 20:28:00 +1000
(EST)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: ArAHAPca70xxFAXB/2dsb2JhbACCA5MGhguHIVdxwBCFRwQ
X-IronPort-AV: E=Sophos;i="4.59,260,1288530000";
d="scan'208,217";a="286471753"
Received: from ju001lcs06.cbr.the-server.com.au ([113.20.5.193])
by ironport1-mta.cbr1.mail-filtering.com.au with ESMTP; 26 Nov 2010
21:27:49 +1100
Received: from 124-148-61-23.dyn.iinet.net.au ([124.148.61.23]
helo=starbuck)
by ju001lcs06.cbr.the-server.com.au with esmtpa (Exim 4.69)
(envelope-from <admin [ at ] testerdomain.com>)
id 1PLvWv-0001Uz-6j
for luke [ at ] mydomain.com; Fri, 26 Nov 2010 21:27:49 +1100
From: "Luke Harris" <admin [ at ] testerdomain.com>
To: <luke [ at ] mydomain.com>
Subject: test
Date: Fri, 26 Nov 2010 20:27:45 +1000
Message-ID: <003001cb8d54$9256c340$b70449c0$ [ at ] net.au>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0031_01CB8DA8.6402D340"
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcuNVJDojla/nLLyTquo0jtrO9b0SQ==
Content-Language: en-au
-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/1311530-08394398
Modify Your Subscription: https://www.listbox.com/member/?member_id=1311530&id_secret=1311530-644bccd5
Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=1311530&id_secret=1311530-512c0f9e&post_id=20101126094145:4A2BA22E-F96B-11DF-89F6-4674F559ED1D
Powered by Listbox: http://www.listbox.com
pypolicyd-spf. The actual SPF checking is working fine, however it's not
prepending the Received-SPF header to any the messages and I'm at a loss to
work out why - I've spent hours playing with various configuration options
:(
Can anyone help? Some examples are below. Host is Fedora 12 running postfix
version 2.6.5.
Thanks,
Luke
-----
policyd-spf.conf:
-----
debugLevel = 4
#defaultSeedOnly = 1
defaultSeedOnly = 0
HELO_reject = SPF_Not_Pass
Mail_From_reject = Fail
PermError_reject = False
TempError_Defer = False
skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0//104,::1//128
-----
Example logs:
-----
Nov 26 20:28:00 medusa postfix/smtpd[15353]: connect from
ironport1-mx.cbr1.mail-filtering.com.au[203.88.115.241]
Nov 26 20:28:00 medusa postgrey[13302]: action=pass, reason=triplet found,
client_name=ironport1-mx.cbr1.mail-filtering.com.au,
client_address=203.88.115.241, sender=admin [ at ] testerdomain.com,
recipient=luke [ at ] mydomain.com Nov 26 20:28:00 medusa
policyd-spf[15361]: Starting Nov 26 20:28:00 medusa policyd-spf[15361]: Read
line: "request=smtpd_access_policy"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "protocol_state=RCPT"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "protocol_name=ESMTP"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line:
"client_address=203.88.115.241"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line:
"client_name=ironport1-mx.cbr1.mail-filtering.com.au"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line:
"reverse_client_name=ironport1-mx.cbr1.mail-filtering.com.au"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line:
"helo_name=ironport1-mx.cbr1.mail-filtering.com.au"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "sender=admin [ at ]
testerdomain.com"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "recipient=luke [ at ]
mydomain.com"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "recipient_count=0"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "queue_id="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line:
"instance=3bf9.4cef8bb0.5fe44.0"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "size=2861"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "etrn_domain="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "stress="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "sasl_method="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "sasl_username="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "sasl_sender="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "ccert_subject="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "ccert_issuer="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "ccert_fingerprint="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "encryption_protocol="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "encryption_cipher="
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: "encryption_keysize=0"
Nov 26 20:28:00 medusa policyd-spf[15361]: Read line: ""
Nov 26 20:28:00 medusa policyd-spf[15361]: Found the end of entry Nov 26
20:28:00 medusa policyd-spf[15361]: Config: {'Mail_From_reject': 'Fail',
'PermError_reject': 'False', 'HELO_reject': 'SPF_Not_Pass',
'defaultSeedOnly': 0, 'debugLevel': 4, 'skip_addresses':
'127.0.0.0/8,::ffff:127.0.0.0//104,::1//128', 'TempError_Defer': 'False'}
Nov 26 20:28:00 medusa policyd-spf[15361]: Cached data for this instance: []
Nov 26 20:28:00 medusa policyd-spf[15361]: spfcheck: pyspf result: "['None',
'', 'helo']"
Nov 26 20:28:00 medusa policyd-spf[15361]: None; identity=helo;
client-ip=203.88.115.241; helo=ironport1-mx.cbr1.mail-filtering.com.au;
envelope-from=admin [ at ] testerdomain.com; receiver=luke [ at ]
mydomain.com Nov 26 20:28:00 medusa policyd-spf[15361]: spfcheck: pyspf
result: "['None', '', 'mailfrom']"
Nov 26 20:28:00 medusa policyd-spf[15361]: None; identity=mailfrom;
client-ip=203.88.115.241; helo=ironport1-mx.cbr1.mail-filtering.com.au;
envelope-from=admin [ at ] testerdomain.com; receiver=luke [ at ]
mydomain.com Nov 26 20:28:00 medusa postfix/smtpd[15353]: E59228080:
client=ironport1-mx.cbr1.mail-filtering.com.au[203.88.115.241]
Nov 26 20:28:01 medusa postfix/cleanup[15364]: E59228080:
message-id=<003001cb8d54$9256c340$b70449c0$ [ at ] net.au> Nov 26 20:28:01
medusa postfix/qmgr[15295]: E59228080: from=<admin [ at ] testerdomain.com>,
size=3296, nrcpt=1 (queue active) Nov 26 20:28:01 medusa dovecot:
deliver(luke [ at ] mydomain.com): msgid=<003001cb8d54$9256c340$b70449c0$ [
at ] net.au>: saved mail to INBOX Nov 26 20:28:01 medusa
postfix/pipe[15366]: E59228080: to=<luke [ at ] mydomain.com>,
relay=dovecot, delay=0.89, delays=0.88/0.01/0/0.01, dsn=2.0.0, status=sent
(delivered via dovecot service) Nov 26 20:28:01 medusa postfix/qmgr[15295]:
E59228080: removed Nov 26 20:28:06 medusa postfix/smtpd[15353]: disconnect
from ironport1-mx.cbr1.mail-filtering.com.au[203.88.115.241]
-----
Actual headers from the message above:
-----
Return-Path: <admin [ at ] testerdomain.com>
Delivered-To: luke [ at ] mydomain.com
Received: from ironport1-mx.cbr1.mail-filtering.com.au
(ironport1-mx.cbr1.mail-filtering.com.au [203.88.115.241])
by medusa.mydomain.com (Postfix) with ESMTP id E59228080
for <luke [ at ] mydomain.com>; Fri, 26 Nov 2010 20:28:00 +1000
(EST)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: ArAHAPca70xxFAXB/2dsb2JhbACCA5MGhguHIVdxwBCFRwQ
X-IronPort-AV: E=Sophos;i="4.59,260,1288530000";
d="scan'208,217";a="286471753"
Received: from ju001lcs06.cbr.the-server.com.au ([113.20.5.193])
by ironport1-mta.cbr1.mail-filtering.com.au with ESMTP; 26 Nov 2010
21:27:49 +1100
Received: from 124-148-61-23.dyn.iinet.net.au ([124.148.61.23]
helo=starbuck)
by ju001lcs06.cbr.the-server.com.au with esmtpa (Exim 4.69)
(envelope-from <admin [ at ] testerdomain.com>)
id 1PLvWv-0001Uz-6j
for luke [ at ] mydomain.com; Fri, 26 Nov 2010 21:27:49 +1100
From: "Luke Harris" <admin [ at ] testerdomain.com>
To: <luke [ at ] mydomain.com>
Subject: test
Date: Fri, 26 Nov 2010 20:27:45 +1000
Message-ID: <003001cb8d54$9256c340$b70449c0$ [ at ] net.au>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0031_01CB8DA8.6402D340"
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcuNVJDojla/nLLyTquo0jtrO9b0SQ==
Content-Language: en-au
-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]
Archives: https://www.listbox.com/member/archive/1020/=now
RSS Feed: https://www.listbox.com/member/archive/rss/1020/1311530-08394398
Modify Your Subscription: https://www.listbox.com/member/?member_id=1311530&id_secret=1311530-644bccd5
Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=1311530&id_secret=1311530-512c0f9e&post_id=20101126094145:4A2BA22E-F96B-11DF-89F6-4674F559ED1D
Powered by Listbox: http://www.listbox.com