Yahoo Groups archive

Milter-greylist

More SPF tests in CVS

2007-11-10 by manu@netbsd.org

Hello everybody

With the help of Benoit Branciard, we added a larger set of SPF tests in
ACL clauses. You can now test a particular SPF status (e.g.: spf pass),
and you can also check if your own IP validates the sender SPF record,
which should help tracking wide-open SPF records. 

Example:
racl blacklist spf self msg "your SPF record is wide open"


-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Re: [milter-greylist] More SPF tests in CVS

2007-11-11 by Michael Mansour

Hi Emmanuel,

> Hello everybody
> 
> With the help of Benoit Branciard, we added a larger set of SPF 
> tests in ACL clauses. You can now test a particular SPF status 
> (e.g.: spf pass), and you can also check if your own IP validates 

That sounds like an excellent feature, so basically with SPF pass we could
simply not greylist for them? (even though I realise some spammers have valid
SPF, but most don't).

Michael.

> the sender SPF record, which should help tracking wide-open SPF 
> records.
> 
> Example:
> racl blacklist spf self msg "your SPF record is wide open"
> 
> -- 
> Emmanuel Dreyfus
> http://hcpnet.free.fr/pubz
> manu@...
------- End of Original Message -------

Re: [milter-greylist] More SPF tests in CVS

2007-11-11 by manu@netbsd.org

Michael Mansour <mic@...> wrote:

> That sounds like an excellent feature, so basically with SPF pass we could
> simply not greylist for them? (even though I realise some spammers have valid
> SPF, but most don't).

You can set up your ACL to perform whatever you want based on the SPF
status.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Re: More SPF tests in CVS

2007-11-11 by Jim Hermann

--- In milter-greylist@yahoogroups.com, manu@... wrote:
>
> Hello everybody
> 
> With the help of Benoit Branciard, we added a larger set of SPF tests in
> ACL clauses. You can now test a particular SPF status (e.g.: spf pass),
> and you can also check if your own IP validates the sender SPF record,
> which should help tracking wide-open SPF records.
> 
> Example:
> racl blacklist spf self msg "your SPF record is wide open"

Can I substitute a different IP Address in this racl?

Like this:

racl blacklist spf  123.123.123.123 msg "your SPF record is wide open"

BTW, 123.123.123.123 is an unassigned IP Address for the 
CNCGROUP Beijing province network, China Network Communications 
Group Corporation.

Jim

Re: [milter-greylist] Re: More SPF tests in CVS

2007-11-11 by manu@netbsd.org

Jim Hermann <hostmaster@...> wrote:

> Can I substitute a different IP Address in this racl?
> Like this:
> racl blacklist spf  123.123.123.123 msg "your SPF record is wide open"

Not yet, but that's something that would be desirable to implement.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Re: More SPF tests in CVS

2007-11-11 by Jim Hermann

--- In milter-greylist@yahoogroups.com, manu@... wrote:
>
> Jim Hermann <hostmaster@...> wrote:
> 
> > Can I substitute a different IP Address in this racl?
> > Like this:
> > racl blacklist spf  123.123.123.123 msg "your SPF record is wide open"
> 
> Not yet, but that's something that would be desirable to implement.

I don't think that the spf self check will be too useful.  I imagine that 
almost everyone has authorized more than one email server to send 
email on behalf of their domain name.  If one authorized email server 
receives email from another authorized email server, the spf self check 
will fail. 

For example, here are the SPF records for sourceforge.net:

sourceforge.net.        7200    IN      TXT     "v=spf1 redirect=_spf.sourceforge.com"

_spf.sourceforge.com.   7200    IN      TXT     "v=spf1 ip4:66.35.250.0/24 ip4:12.31.165.64/27 ip4:208.48.95.16/28 include:gmail.com ?all"

gmail.com.              139     IN      TXT     "v=spf1 redirect=_spf.google.com"

_spf.google.com.        99      IN      TXT     "v=spf1 ip4:216.239.32.0/19 ip4:64.233.160.0/19 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:209.85.128.0/17 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ?all"

Jim
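
An added illustration, not part of the thread and not milter-greylist's own code: a small evaluator for the SPF terms that appear in the records quoted above (ip4, include, redirect, all), run over an in-memory table instead of DNS. It shows what an `spf self` style test sees: a pass for a `+all` record, neutral for an unrelated receiver against the sourceforge.net records, and a pass when the receiver's own address is listed by the sender. `open.example`, the 192.0.2.10 address and the function names are constructed for the example.

```python
import ipaddress

# Constructed lookup table standing in for DNS. The sourceforge/google records
# are the ones quoted in the thread; open.example is a made-up wide-open record.
ZONE = {
    "sourceforge.net": "v=spf1 redirect=_spf.sourceforge.com",
    "_spf.sourceforge.com": "v=spf1 ip4:66.35.250.0/24 ip4:12.31.165.64/27 "
                            "ip4:208.48.95.16/28 include:gmail.com ?all",
    "gmail.com": "v=spf1 redirect=_spf.google.com",
    "_spf.google.com": "v=spf1 ip4:216.239.32.0/19 ip4:64.233.160.0/19 "
                       "ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:209.85.128.0/17 "
                       "ip4:66.102.0.0/20 ip4:74.125.0.0/16 ?all",
    "open.example": "v=spf1 +all",
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_host(ip, domain, depth=0):
    """SPF result for ip under domain's record (ip4, include, redirect, all)."""
    record = ZONE.get(domain)
    if record is None:
        return "none"
    if depth > 10:  # lookup limit, guards against redirect/include loops
        return "permerror"
    addr = ipaddress.ip_address(ip)
    redirect = None
    for term in record.split()[1:]:  # skip the "v=spf1" version tag
        if term.startswith("redirect="):
            redirect = term.split("=", 1)[1]
            continue
        qualifier, mech = (term[0], term[1:]) if term[0] in QUALIFIERS else ("+", term)
        if mech == "all":
            matched = True
        elif mech.startswith("ip4:"):
            matched = addr in ipaddress.ip_network(mech[4:], strict=False)
        elif mech.startswith("include:"):
            matched = check_host(ip, mech[8:], depth + 1) == "pass"
        else:
            matched = False  # assumption: a, mx, ptr, exists, ip6 are not evaluated
        if matched:
            return QUALIFIERS[qualifier]  # first matching mechanism decides
    # redirect applies only when no mechanism matched
    return check_host(ip, redirect, depth + 1) if redirect else "neutral"


def spf_self(my_ip, sender_domain):
    """What an 'spf self' style test asks: does my own IP get an SPF pass?"""
    return check_host(my_ip, sender_domain) == "pass"
```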
