Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Message

Re: Using SPF in ACL

2007-08-05 by Jim Hermann

--- In milter-greylist@yahoogroups.com, manu@... wrote:
> 
> Yes, this has been discussed before: filtering on SPF should be
> improved, probably this way:
> spf pass                SPF record exists and passed
> spf none                no SPF record
> spf fail                SPF record exists and failed
> spf open                SPF record exists and match any host
> 
> Probably  a feature for after 4.0 release.

Is there any way to get this upgraded feature in the current 4.0 
alpha version?  These are the results of the standard SPF client:

        result = 'pass' / 'fail' / 'error' / 'softfail' / 'neutral' /
                 'none' / 'unknown'
 
   Example headers generated by mybox.example.org:

       Received-SPF: pass (mybox.example.org: domain of
                           myname@... designates 192.0.2.1 as
                           permitted sender)
                           receiver=mybox.example.org;
                           client-ip=192.0.2.1;
                           envelope-from=<myname@example.com>;
                           helo=foo.example.com;

       Received-SPF: fail (mybox.example.org: domain of
                           myname@example.com does not designate
                           192.0.2.1 as permitted sender)
                           receiver=mybox.example.org;
                           client-ip=192.0.2.1;
                           envelope-from=<myname@...>;
                           helo=foo.example.com;

       Received-SPF: softfail (mybox.example.org: domain of
                               transitioning myname@... does 
not
                               designate 192.0.2.1 as permitted 
sender)

       Received-SPF: neutral (mybox.example.org: 192.0.2.1 is neither
                              permitted nor denied by domain of
                              myname@...)

       Received-SPF: none (mybox.example.org: myname@... does
                           not designated permitted sender hosts)

       Received-SPF: unknown -extension:foo (mybox.example.org: 
domain
                                             of myname@example.com 
uses
                                             mechanism not 
recognized by
                                             this client)

       Received-SPF: error (mybox.example.org: error in processing
                            during lookup of myname@...: DNS
                            timeout)

   SPF clients may append zero or more of the following key-value-
pairs
   at their discretion:

      receiver       the hostname of the SPF client
      client-ip      the IP address of the SMTP client
      envelope-from  the envelope sender address
      helo           the hostname given in the HELO or EHLO command
      mechanism      the mechanism that matched (if no mechanisms
                     matched, substitute the word "default".)
      problem        if an error was returned, details about the 
error

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.