On Thu, 25 Mar 2004, Kees Cook wrote:
> Great, I'll dig into it. I'll most likely be using the Perl
> implementation since I'm already using MIMEDefang and Mail::SPF::Query
> and a load of other tools.
I have attached the current incarnation of pysrs.m4, which is trivial
to change py to pl to invoke perl. One semantic change I have made is
passing the forwarding domain to the script from cf - which I'm sure
you'll be able to modify the Perl to handle.
> > (especially since I cheat and reject neutral results for aol.com).
>
> I tried to find details on this, but I haven't had any luck on how to
> turn ?all's into -all's. What're you doing?
res,code,txt = spf.check(self.connectip,self.canon_from,self.hello_name)
if res in ('deny', 'fail'):
self.log('REJECT: SPF %s %i %s' % (res,code,txt))
# improve default explanation, but don't wipe out text from SPF record
if txt == 'access denied':
txt = 'SPF fail: see
http://spf.pobox.com/why.html' self.setreply(str(code),'5.7.1',txt)
return Milter.REJECT
# ... other cases elided
elif res == 'neutral':
# spf_reject_neutral configured for [ 'aol.com' ] currently.
if host in spf_reject_neutral:
self.log('REJECT: SPF neutral for',self.sender)
self.setreply('550','5.7.1',
'mail from %s must pass SPF:
http://spf.pobox.com/why.html' % host
)
return Milter.REJECT
# Received-SPF: neutral (mybox.example.org: 192.0.2.1 is neither
# permitted nor denied by domain of
# myname@example.com)
self.add_header('Received-SPF',
"""neutral (%(receiver)s: %(connectip)s is neither
permitted nor denied by domain of %(sender)s)""" % self.__dict__)
# ...
--
Stuart D. Gathman <stuart@bmsi.com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Very few of our customers are going to have a pure Unix
or pure Windows environment." - Dennis Oldroyd, Microsoft Corporation